|
kernel BUG at drivers/android/binder_alloc.c:LINE!
|
-1 |
C |
|
|
44 |
2381d |
2628d
|
1/3 |
never |
5997da82145b
FROMGIT: binder: fix BUG_ON found by selinux-testsuite
|
|
possible deadlock in seq_read
|
4 |
C |
|
|
56124 |
2376d |
2612d
|
1/3 |
never |
73601ea5b7b1
fs/open.c: allow opening only regular files during execve()
|
|
android-4.9 boot error: general protection fault in ion_heap_destroy
|
-1 |
|
|
|
729 |
2634d |
2672d
|
1/3 |
never |
270fbfb501f1
ANDROID: ion_dummy_driver: Remove SYSTEM_CONTIG heap
|
|
possible deadlock in ashmem_llseek
|
4 |
|
|
|
5 |
3014d |
3059d
|
3/3 |
2615d |
cb57469c9573
staging: android: ashmem: Fix lockdep issue during llseek
|
|
general protection fault in sg_remove_scat
|
2 |
C |
|
|
279 |
2989d |
3171d
|
3/3 |
2807d |
48ae8484e9fc
scsi: sg: don't return bogus Sg_requests
|
|
KASAN: stack-out-of-bounds Read in xt_copy_counters_from_user
|
17 |
C |
|
|
18 |
2816d |
2823d
|
3/3 |
2808d |
e466af75c074
netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user
|
|
general protection fault in sockfs_setattr
|
2 |
C |
|
|
11 |
2844d |
2863d
|
3/3 |
2843d |
6d8c50dcb029
UPSTREAM: socket: close race condition between sock_close() and sockfs_setattr()
|
|
BUG: unable to handle kernel paging request in page_remove_rmap
|
8 |
C |
|
|
14617 |
2845d |
2851d
|
3/3 |
2845d |
fd7e315988b7
x86/mm: Simplify p[g4um]d_page() macros
|
|
BUG: unable to handle kernel paging request in copy_huge_pmd
|
8 |
C |
|
|
433 |
2845d |
2851d
|
3/3 |
2845d |
fd7e315988b7
x86/mm: Simplify p[g4um]d_page() macros
|
|
BUG: unable to handle kernel paging request in __split_huge_pmd
|
8 |
C |
|
|
174 |
2845d |
2851d
|
3/3 |
2845d |
fd7e315988b7
x86/mm: Simplify p[g4um]d_page() macros
|
|
KASAN: use-after-free Read in __list_del_entry (3)
|
19 |
C |
|
|
9 |
3007d |
3015d
|
3/3 |
2923d |
7aa135fcf263
UPSTREAM: ANDROID: binder: prevent transactions into own process.
|
|
KASAN: use-after-free Read in binder_release_work
|
19 |
C |
|
|
132 |
2964d |
2978d
|
3/3 |
2937d |
7aa135fcf263
UPSTREAM: ANDROID: binder: prevent transactions into own process.
|
|
WARNING in set_precision
|
-1 |
C |
|
|
1320 |
2957d |
3079d
|
3/3 |
2957d |
9c438d7a3a52
KEYS: DNS: limit the length of option strings
|
|
possible deadlock in __might_fault
|
4 |
C |
|
|
10264 |
3000d |
3022d
|
3/3 |
2965d |
740a5759bf22
staging: android: ashmem: Fix possible deadlock in ashmem_ioctl
|
|
BUG: using __this_cpu_read() in preemptible code in ipcomp_init_state
|
4 |
C |
|
|
304159 |
2979d |
3098d
|
2/3 |
2979d |
0dcd7876029b
net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms()
|
|
WARNING in binder_send_failed_reply
|
-1 |
C |
|
|
74 |
3014d |
3113d
|
2/3 |
3012d |
e46a3b3ba750
UPSTREAM: ANDROID: binder: remove WARN() for redundant txn error
|
|
KASAN: use-after-free Read in remove_wait_queue
|
19 |
C |
|
|
6 |
3027d |
3037d
|
2/3 |
3015d |
5eeb2ca02a2f
ANDROID: binder: synchronize_rcu() when using POLLFREE.
|
|
WARNING in __alloc_pages_slowpath (3)
|
-1 |
C |
|
|
547 |
3017d |
3020d
|
2/3 |
3017d |
f67385227a42
ANDROID: keychord: Check for write data size
|
|
KASAN: double-free or invalid-free in relay_open
|
24 |
C |
|
|
64 |
3031d |
3082d
|
2/3 |
3027d |
a1be1f3931bf
kernel/relay.c: revert "kernel/relay.c: fix potential memory leak"
|
|
BUG: Double free or freeing an invalid pointer (2)
|
-1 |
C |
|
|
1 |
3103d |
3103d
|
2/3 |
3027d |
a1be1f3931bf
kernel/relay.c: revert "kernel/relay.c: fix potential memory leak"
|
|
KASAN: use-after-free Read in __lock_acquire
|
19 |
C |
|
|
1161 |
3042d |
3113d
|
2/3 |
3034d |
f5cb779ba163
UPSTREAM: ANDROID: binder: remove waitqueue when thread exits.
|
|
BUG: bad unlock balance in ipmr_mfc_seq_stop
|
4 |
C |
|
|
7493 |
3035d |
3113d
|
2/3 |
3034d |
4adfa79fc254
ip6mr: fix stale iterator
|
|
WARNING in task_participate_group_stop
|
-1 |
C |
|
|
15 |
3069d |
3226d
|
2/3 |
3042d |
426915796cca
kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal()
|
|
general protection fault in ip6_setup_cork
|
2 |
|
|
|
924 |
3141d |
3153d
|
2/3 |
3045d |
864e2a1f8aac
ipv6: flowlabel: do not leave opt->tot_len with garbage
|
|
kernel BUG at net/key/af_key.c:LINE!
|
-1 |
C |
|
|
1 |
3205d |
3205d
|
2/3 |
3045d |
0e74aa1d79a5
xfrm: Copy policy family in clone_policy
|
|
general protection fault in assoc_array_apply_edit
|
2 |
|
|
|
1 |
3147d |
3147d
|
2/3 |
3048d |
ea6789980fda
assoc_array: Fix a buggy node-splitting case
|
|
BUG: unable to handle kernel paging request in snd_seq_oss_readq_puts
|
8 |
C |
|
|
3 |
3182d |
3182d
|
2/3 |
3082d |
132d358b183a
ALSA: seq: Fix OSS sysex delivery in OSS emulation
|
|
KASAN: stack-out-of-bounds Read in memcmp
|
17 |
C |
|
|
4 |
3228d |
3232d
|
1/3 |
3108d |
4c86d77743a5
BACKPORT: xfrm: Don't use sk_family for socket policy lookups
|
|
WARNING in reuseport_alloc
|
-1 |
C |
|
|
106 |
3122d |
3151d
|
1/3 |
3112d |
1b5f962e71bf
soreuseport: fix initialization race
|
|
WARNING in skb_warn_bad_offload
|
-1 |
C |
|
|
442 |
3133d |
3240d
|
1/3 |
3133d |
net: remove open-coded skb_cow_head.
|
|
KASAN: use-after-free Read in fanout_demux_rollover
|
19 |
C |
|
|
5 |
3175d |
3196d
|
1/3 |
3133d |
008ba2a13f2d
packet: hold bind lock when rebinding to fanout hook
|
|
WARNING in __alloc_pages_slowpath
|
-1 |
C |
|
|
2412 |
3139d |
3214d
|
1/3 |
3139d |
7682e399485f
FROMLIST: ALSA: usx2y: Suppress kernel warning at page allocation failures
|
|
KASAN: use-after-free Read in bio_copy_user_iov
|
19 |
syz |
|
|
73 |
3201d |
3232d
|
1/3 |
3147d |
1bc0eb044615
scsi: sg: protect accesses to 'reserved' page array
|
|
BUG: sleeping function called from invalid context at mm/slab.h:LINE
|
-1 |
C |
|
|
3 |
3224d |
3238d
|
1/3 |
3147d |
89e357d83c06
af_key: Add lock to key dump
|
|
BUG: unable to handle kernel NULL pointer dereference in __remove_shared_vm_struct
|
10 |
C |
|
|
1 |
3210d |
3209d
|
1/3 |
3147d |
2b7e8665b4ff
fork: fix incorrect fput of ->exe_file causing use-after-free
|
|
WARNING in __switch_to
|
-1 |
C |
|
|
54 |
3167d |
3235d
|
1/3 |
3147d |
814fb7bb7db5
x86/fpu: Don't let userspace set bogus xcomp_bv
|
|
general protection fault in skb_release_data
|
2 |
|
|
|
1 |
3219d |
3219d
|
1/3 |
3147d |
232cd35d0804
ipv6: fix out of bound writes in __ip6_append_data()
|
|
WARNING in fib6_del
|
-1 |
|
|
|
281 |
3171d |
3208d
|
1/3 |
3149d |
7483cea79957
UPSTREAM: ipv6: fib: Unlink replaced routes from their nodes
|
|
KASAN: use-after-free Read in parse_ipsecrequests
|
19 |
C |
|
|
7 |
3239d |
3240d
|
1/3 |
3209d |
096f41d3a8fc
UPSTREAM: af_key: Fix sadb_x_ipsecrequest parsing
|
|
WARNING in __list_add
|
-1 |
C |
|
|
11 |
3222d |
3235d
|
1/3 |
3220d |
59584701f1e2
ANDROID: keychord: Fix races in keychord_write.
|
|
BUG: Double free or freeing an invalid pointer
|
-1 |
syz |
|
|
70 |
3221d |
3239d
|
1/3 |
3220d |
59584701f1e2
ANDROID: keychord: Fix races in keychord_write.
|
|
KASAN: slab-out-of-bounds Read in keychord_write
|
17 |
syz |
|
|
2 |
3241d |
3240d
|
1/3 |
3235d |
913d980e07d8
ANDROID: keychord: Fix a slab out-of-bounds read.
|