kernel BUG at drivers/android/binder_alloc.c:LINE!
|
C |
|
|
44 |
1398d |
1645d
|
1/3 |
never |
c8ddc8cc40e6
FROMGIT: binder: fix BUG_ON found by selinux-testsuite
|
possible deadlock in seq_read
|
C |
|
|
56124 |
1393d |
1629d
|
1/3 |
never |
7d7637dafc59
fs/open.c: allow opening only regular files during execve()
|
android-4.9 boot error: general protection fault in ion_heap_destroy
|
|
|
|
729 |
1650d |
1689d
|
1/3 |
never |
270fbfb501f1
ANDROID: ion_dummy_driver: Remove SYSTEM_CONTIG heap
|
possible deadlock in ashmem_llseek
|
|
|
|
5 |
2031d |
2076d
|
3/3 |
1632d |
1d47c874cd72
staging: android: ashmem: Fix lockdep issue during llseek
|
general protection fault in sg_remove_scat
|
C |
|
|
279 |
2006d |
2188d
|
3/3 |
1824d |
6505dd1f7f55
scsi: sg: don't return bogus Sg_requests
|
KASAN: stack-out-of-bounds Read in xt_copy_counters_from_user
|
C |
|
|
18 |
1833d |
1840d
|
3/3 |
1825d |
3ea051bcf2cd
netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user
|
general protection fault in sockfs_setattr
|
C |
|
|
11 |
1861d |
1880d
|
3/3 |
1860d |
7fa8c15e72a4
UPSTREAM: socket: close race condition between sock_close() and sockfs_setattr()
|
BUG: unable to handle kernel paging request in page_remove_rmap
|
C |
|
|
14617 |
1862d |
1868d
|
3/3 |
1862d |
89c059b66a08
x86/mm: Simplify p[g4um]d_page() macros
|
BUG: unable to handle kernel paging request in copy_huge_pmd
|
C |
|
|
433 |
1862d |
1868d
|
3/3 |
1862d |
89c059b66a08
x86/mm: Simplify p[g4um]d_page() macros
|
BUG: unable to handle kernel paging request in __split_huge_pmd
|
C |
|
|
174 |
1862d |
1868d
|
3/3 |
1862d |
89c059b66a08
x86/mm: Simplify p[g4um]d_page() macros
|
KASAN: use-after-free Read in __list_del_entry (3)
|
C |
|
|
9 |
2024d |
2032d
|
3/3 |
1940d |
c4048b20ffc5
UPSTREAM: ANDROID: binder: prevent transactions into own process.
|
KASAN: use-after-free Read in binder_release_work
|
C |
|
|
132 |
1981d |
1995d
|
3/3 |
1953d |
c4048b20ffc5
UPSTREAM: ANDROID: binder: prevent transactions into own process.
|
WARNING in set_precision
|
C |
|
|
1320 |
1974d |
2096d
|
3/3 |
1974d |
06a02a816890
KEYS: DNS: limit the length of option strings
|
possible deadlock in __might_fault
|
C |
|
|
10264 |
2017d |
2039d
|
3/3 |
1981d |
d3c79a38843b
staging: android: ashmem: Fix possible deadlock in ashmem_ioctl
|
BUG: using __this_cpu_read() in preemptible code in ipcomp_init_state
|
C |
|
|
304159 |
1996d |
2115d
|
2/3 |
1996d |
30df7fb50d32
net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms()
|
WARNING in binder_send_failed_reply
|
C |
|
|
74 |
2031d |
2129d
|
2/3 |
2029d |
d3a2afb9382e
UPSTREAM: ANDROID: binder: remove WARN() for redundant txn error
|
KASAN: use-after-free Read in remove_wait_queue
|
C |
|
|
6 |
2044d |
2053d
|
2/3 |
2032d |
b6c6212514fe
ANDROID: binder: synchronize_rcu() when using POLLFREE.
|
WARNING in __alloc_pages_slowpath (3)
|
C |
|
|
547 |
2034d |
2037d
|
2/3 |
2034d |
f67385227a42
ANDROID: keychord: Check for write data size
|
KASAN: double-free or invalid-free in relay_open
|
C |
|
|
64 |
2048d |
2099d
|
2/3 |
2044d |
91cebf98cd94
kernel/relay.c: revert "kernel/relay.c: fix potential memory leak"
|
BUG: Double free or freeing an invalid pointer (2)
|
C |
|
|
1 |
2120d |
2120d
|
2/3 |
2044d |
91cebf98cd94
kernel/relay.c: revert "kernel/relay.c: fix potential memory leak"
|
KASAN: use-after-free Read in __lock_acquire
|
C |
|
|
1161 |
2059d |
2130d
|
2/3 |
2051d |
550c01d0e051
UPSTREAM: ANDROID: binder: remove waitqueue when thread exits.
|
BUG: bad unlock balance in ipmr_mfc_seq_stop
|
C |
|
|
7493 |
2052d |
2130d
|
2/3 |
2051d |
7d3d60ef2256
ip6mr: fix stale iterator
|
WARNING in task_participate_group_stop
|
C |
|
|
15 |
2086d |
2243d
|
2/3 |
2059d |
4d53eb494950
kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal()
|
general protection fault in ip6_setup_cork
|
|
|
|
924 |
2158d |
2170d
|
2/3 |
2062d |
28fa583fd8ce
ipv6: flowlabel: do not leave opt->tot_len with garbage
|
kernel BUG at net/key/af_key.c:LINE!
|
C |
|
|
1 |
2222d |
2222d
|
2/3 |
2062d |
6ceabde66643
xfrm: Copy policy family in clone_policy
|
general protection fault in assoc_array_apply_edit
|
|
|
|
1 |
2164d |
2164d
|
2/3 |
2065d |
67bcc5e530d5
assoc_array: Fix a buggy node-splitting case
|
BUG: unable to handle kernel paging request in snd_seq_oss_readq_puts
|
C |
|
|
3 |
2199d |
2199d
|
2/3 |
2099d |
4b52c3170bd8
ALSA: seq: Fix OSS sysex delivery in OSS emulation
|
KASAN: stack-out-of-bounds Read in memcmp
|
C |
|
|
4 |
2245d |
2249d
|
1/3 |
2125d |
0b8656414e29
BACKPORT: xfrm: Don't use sk_family for socket policy lookups
|
WARNING in reuseport_alloc
|
C |
|
|
106 |
2139d |
2168d
|
1/3 |
2129d |
3b0b4d2c47ec
soreuseport: fix initialization race
|
WARNING in skb_warn_bad_offload
|
C |
|
|
442 |
2150d |
2256d
|
1/3 |
2150d |
net: remove open-coded skb_cow_head.
|
KASAN: use-after-free Read in fanout_demux_rollover
|
C |
|
|
5 |
2192d |
2213d
|
1/3 |
2150d |
6f7cdd4aa0a4
packet: hold bind lock when rebinding to fanout hook
|
WARNING in __alloc_pages_slowpath
|
C |
|
|
2412 |
2156d |
2231d
|
1/3 |
2156d |
1f46caef2914
FROMLIST: ALSA: usx2y: Suppress kernel warning at page allocation failures
|
KASAN: use-after-free Read in bio_copy_user_iov
|
syz |
|
|
73 |
2218d |
2249d
|
1/3 |
2164d |
4099ac938385
scsi: sg: protect accesses to 'reserved' page array
|
BUG: sleeping function called from invalid context at mm/slab.h:LINE
|
C |
|
|
3 |
2241d |
2255d
|
1/3 |
2164d |
0f94b36de37c
af_key: Add lock to key dump
|
BUG: unable to handle kernel NULL pointer dereference in __remove_shared_vm_struct
|
C |
|
|
1 |
2227d |
2226d
|
1/3 |
2164d |
b65b6ac52e0f
fork: fix incorrect fput of ->exe_file causing use-after-free
|
WARNING in __switch_to
|
C |
|
|
54 |
2184d |
2252d
|
1/3 |
2164d |
5e9b07f30d21
x86/fpu: Don't let userspace set bogus xcomp_bv
|
general protection fault in skb_release_data
|
|
|
|
1 |
2236d |
2236d
|
1/3 |
2164d |
304b41014acb
ipv6: fix out of bound writes in __ip6_append_data()
|
WARNING in fib6_del
|
|
|
|
281 |
2188d |
2225d
|
1/3 |
2166d |
9b2b08179641
UPSTREAM: ipv6: fib: Unlink replaced routes from their nodes
|
KASAN: use-after-free Read in parse_ipsecrequests
|
C |
|
|
7 |
2256d |
2256d
|
1/3 |
2226d |
3c17d418afb0
UPSTREAM: af_key: Fix sadb_x_ipsecrequest parsing
|
WARNING in __list_add
|
C |
|
|
11 |
2239d |
2252d
|
1/3 |
2237d |
59584701f1e2
ANDROID: keychord: Fix races in keychord_write.
|
BUG: Double free or freeing an invalid pointer
|
syz |
|
|
70 |
2238d |
2256d
|
1/3 |
2237d |
59584701f1e2
ANDROID: keychord: Fix races in keychord_write.
|
KASAN: slab-out-of-bounds Read in keychord_write
|
syz |
|
|
2 |
2258d |
2256d
|
1/3 |
2252d |
913d980e07d8
ANDROID: keychord: Fix a slab out-of-bounds read.
|