kernel BUG at drivers/android/binder_alloc.c:LINE!
|
C |
|
|
44 |
1956d |
2204d
|
1/3 |
never |
c8ddc8cc40e6
FROMGIT: binder: fix BUG_ON found by selinux-testsuite
|
possible deadlock in seq_read
|
C |
|
|
56124 |
1952d |
2188d
|
1/3 |
never |
7d7637dafc59
fs/open.c: allow opening only regular files during execve()
|
android-4.9 boot error: general protection fault in ion_heap_destroy
|
|
|
|
729 |
2209d |
2247d
|
1/3 |
never |
270fbfb501f1
ANDROID: ion_dummy_driver: Remove SYSTEM_CONTIG heap
|
possible deadlock in ashmem_llseek
|
|
|
|
5 |
2590d |
2634d
|
3/3 |
2191d |
1d47c874cd72
staging: android: ashmem: Fix lockdep issue during llseek
|
general protection fault in sg_remove_scat
|
C |
|
|
279 |
2564d |
2747d
|
3/3 |
2382d |
6505dd1f7f55
scsi: sg: don't return bogus Sg_requests
|
KASAN: stack-out-of-bounds Read in xt_copy_counters_from_user
|
C |
|
|
18 |
2392d |
2398d
|
3/3 |
2384d |
3ea051bcf2cd
netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user
|
general protection fault in sockfs_setattr
|
C |
|
|
11 |
2420d |
2438d
|
3/3 |
2419d |
7fa8c15e72a4
UPSTREAM: socket: close race condition between sock_close() and sockfs_setattr()
|
BUG: unable to handle kernel paging request in page_remove_rmap
|
C |
|
|
14617 |
2420d |
2427d
|
3/3 |
2420d |
89c059b66a08
x86/mm: Simplify p[g4um]d_page() macros
|
BUG: unable to handle kernel paging request in copy_huge_pmd
|
C |
|
|
433 |
2421d |
2427d
|
3/3 |
2420d |
89c059b66a08
x86/mm: Simplify p[g4um]d_page() macros
|
BUG: unable to handle kernel paging request in __split_huge_pmd
|
C |
|
|
174 |
2421d |
2427d
|
3/3 |
2420d |
89c059b66a08
x86/mm: Simplify p[g4um]d_page() macros
|
KASAN: use-after-free Read in __list_del_entry (3)
|
C |
|
|
9 |
2583d |
2590d
|
3/3 |
2499d |
c4048b20ffc5
UPSTREAM: ANDROID: binder: prevent transactions into own process.
|
KASAN: use-after-free Read in binder_release_work
|
C |
|
|
132 |
2539d |
2553d
|
3/3 |
2512d |
c4048b20ffc5
UPSTREAM: ANDROID: binder: prevent transactions into own process.
|
WARNING in set_precision
|
C |
|
|
1320 |
2533d |
2654d
|
3/3 |
2533d |
06a02a816890
KEYS: DNS: limit the length of option strings
|
possible deadlock in __might_fault
|
C |
|
|
10264 |
2576d |
2597d
|
3/3 |
2540d |
d3c79a38843b
staging: android: ashmem: Fix possible deadlock in ashmem_ioctl
|
BUG: using __this_cpu_read() in preemptible code in ipcomp_init_state
|
C |
|
|
304159 |
2555d |
2673d
|
2/3 |
2554d |
30df7fb50d32
net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms()
|
WARNING in binder_send_failed_reply
|
C |
|
|
74 |
2590d |
2688d
|
2/3 |
2588d |
d3a2afb9382e
UPSTREAM: ANDROID: binder: remove WARN() for redundant txn error
|
KASAN: use-after-free Read in remove_wait_queue
|
C |
|
|
6 |
2602d |
2612d
|
2/3 |
2590d |
b6c6212514fe
ANDROID: binder: synchronize_rcu() when using POLLFREE.
|
WARNING in __alloc_pages_slowpath (3)
|
C |
|
|
547 |
2592d |
2596d
|
2/3 |
2592d |
f67385227a42
ANDROID: keychord: Check for write data size
|
KASAN: double-free or invalid-free in relay_open
|
C |
|
|
64 |
2606d |
2658d
|
2/3 |
2603d |
91cebf98cd94
kernel/relay.c: revert "kernel/relay.c: fix potential memory leak"
|
BUG: Double free or freeing an invalid pointer (2)
|
C |
|
|
1 |
2679d |
2679d
|
2/3 |
2603d |
91cebf98cd94
kernel/relay.c: revert "kernel/relay.c: fix potential memory leak"
|
KASAN: use-after-free Read in __lock_acquire
|
C |
|
|
1161 |
2617d |
2688d
|
2/3 |
2610d |
550c01d0e051
UPSTREAM: ANDROID: binder: remove waitqueue when thread exits.
|
BUG: bad unlock balance in ipmr_mfc_seq_stop
|
C |
|
|
7493 |
2610d |
2688d
|
2/3 |
2610d |
7d3d60ef2256
ip6mr: fix stale iterator
|
WARNING in task_participate_group_stop
|
C |
|
|
15 |
2644d |
2801d
|
2/3 |
2617d |
4d53eb494950
kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal()
|
general protection fault in ip6_setup_cork
|
|
|
|
924 |
2717d |
2728d
|
2/3 |
2621d |
28fa583fd8ce
ipv6: flowlabel: do not leave opt->tot_len with garbage
|
kernel BUG at net/key/af_key.c:LINE!
|
C |
|
|
1 |
2780d |
2780d
|
2/3 |
2621d |
6ceabde66643
xfrm: Copy policy family in clone_policy
|
general protection fault in assoc_array_apply_edit
|
|
|
|
1 |
2723d |
2723d
|
2/3 |
2624d |
67bcc5e530d5
assoc_array: Fix a buggy node-splitting case
|
BUG: unable to handle kernel paging request in snd_seq_oss_readq_puts
|
C |
|
|
3 |
2758d |
2757d
|
2/3 |
2658d |
4b52c3170bd8
ALSA: seq: Fix OSS sysex delivery in OSS emulation
|
KASAN: stack-out-of-bounds Read in memcmp
|
C |
|
|
4 |
2804d |
2807d
|
1/3 |
2684d |
0b8656414e29
BACKPORT: xfrm: Don't use sk_family for socket policy lookups
|
WARNING in reuseport_alloc
|
C |
|
|
106 |
2697d |
2727d
|
1/3 |
2688d |
3b0b4d2c47ec
soreuseport: fix initialization race
|
WARNING in skb_warn_bad_offload
|
C |
|
|
442 |
2708d |
2815d
|
1/3 |
2708d |
net: remove open-coded skb_cow_head.
|
KASAN: use-after-free Read in fanout_demux_rollover
|
C |
|
|
5 |
2751d |
2771d
|
1/3 |
2709d |
6f7cdd4aa0a4
packet: hold bind lock when rebinding to fanout hook
|
WARNING in __alloc_pages_slowpath
|
C |
|
|
2412 |
2714d |
2789d
|
1/3 |
2714d |
1f46caef2914
FROMLIST: ALSA: usx2y: Suppress kernel warning at page allocation failures
|
KASAN: use-after-free Read in bio_copy_user_iov
|
syz |
|
|
73 |
2777d |
2807d
|
1/3 |
2723d |
4099ac938385
scsi: sg: protect accesses to 'reserved' page array
|
BUG: sleeping function called from invalid context at mm/slab.h:LINE
|
C |
|
|
3 |
2800d |
2813d
|
1/3 |
2723d |
0f94b36de37c
af_key: Add lock to key dump
|
BUG: unable to handle kernel NULL pointer dereference in __remove_shared_vm_struct
|
C |
|
|
1 |
2786d |
2785d
|
1/3 |
2723d |
b65b6ac52e0f
fork: fix incorrect fput of ->exe_file causing use-after-free
|
WARNING in __switch_to
|
C |
|
|
54 |
2742d |
2810d
|
1/3 |
2723d |
5e9b07f30d21
x86/fpu: Don't let userspace set bogus xcomp_bv
|
general protection fault in skb_release_data
|
|
|
|
1 |
2794d |
2794d
|
1/3 |
2723d |
304b41014acb
ipv6: fix out of bound writes in __ip6_append_data()
|
WARNING in fib6_del
|
|
|
|
281 |
2747d |
2784d
|
1/3 |
2724d |
9b2b08179641
UPSTREAM: ipv6: fib: Unlink replaced routes from their nodes
|
KASAN: use-after-free Read in parse_ipsecrequests
|
C |
|
|
7 |
2815d |
2815d
|
1/3 |
2784d |
3c17d418afb0
UPSTREAM: af_key: Fix sadb_x_ipsecrequest parsing
|
WARNING in __list_add
|
C |
|
|
11 |
2797d |
2811d
|
1/3 |
2795d |
59584701f1e2
ANDROID: keychord: Fix races in keychord_write.
|
BUG: Double free or freeing an invalid pointer
|
syz |
|
|
70 |
2797d |
2814d
|
1/3 |
2795d |
59584701f1e2
ANDROID: keychord: Fix races in keychord_write.
|
KASAN: slab-out-of-bounds Read in keychord_write
|
syz |
|
|
2 |
2817d |
2815d
|
1/3 |
2810d |
913d980e07d8
ANDROID: keychord: Fix a slab out-of-bounds read.
|