kernel BUG at drivers/android/binder_alloc.c:LINE!
|
-1 |
C |
|
|
44 |
2119d |
2366d
|
1/3 |
never |
c8ddc8cc40e6
FROMGIT: binder: fix BUG_ON found by selinux-testsuite
|
possible deadlock in seq_read
|
4 |
C |
|
|
56124 |
2114d |
2350d
|
1/3 |
never |
7d7637dafc59
fs/open.c: allow opening only regular files during execve()
|
android-4.9 boot error: general protection fault in ion_heap_destroy
|
-1 |
|
|
|
729 |
2371d |
2410d
|
1/3 |
never |
270fbfb501f1
ANDROID: ion_dummy_driver: Remove SYSTEM_CONTIG heap
|
possible deadlock in ashmem_llseek
|
4 |
|
|
|
5 |
2752d |
2797d
|
3/3 |
2353d |
1d47c874cd72
staging: android: ashmem: Fix lockdep issue during llseek
|
general protection fault in sg_remove_scat
|
2 |
C |
|
|
279 |
2727d |
2909d
|
3/3 |
2545d |
6505dd1f7f55
scsi: sg: don't return bogus Sg_requests
|
KASAN: stack-out-of-bounds Read in xt_copy_counters_from_user
|
17 |
C |
|
|
18 |
2554d |
2561d
|
3/3 |
2546d |
3ea051bcf2cd
netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user
|
general protection fault in sockfs_setattr
|
2 |
C |
|
|
11 |
2582d |
2601d
|
3/3 |
2581d |
7fa8c15e72a4
UPSTREAM: socket: close race condition between sock_close() and sockfs_setattr()
|
BUG: unable to handle kernel paging request in page_remove_rmap
|
8 |
C |
|
|
14617 |
2583d |
2589d
|
3/3 |
2583d |
89c059b66a08
x86/mm: Simplify p[g4um]d_page() macros
|
BUG: unable to handle kernel paging request in copy_huge_pmd
|
8 |
C |
|
|
433 |
2583d |
2589d
|
3/3 |
2583d |
89c059b66a08
x86/mm: Simplify p[g4um]d_page() macros
|
BUG: unable to handle kernel paging request in __split_huge_pmd
|
8 |
C |
|
|
174 |
2583d |
2589d
|
3/3 |
2583d |
89c059b66a08
x86/mm: Simplify p[g4um]d_page() macros
|
KASAN: use-after-free Read in __list_del_entry (3)
|
19 |
C |
|
|
9 |
2745d |
2753d
|
3/3 |
2661d |
c4048b20ffc5
UPSTREAM: ANDROID: binder: prevent transactions into own process.
|
KASAN: use-after-free Read in binder_release_work
|
19 |
C |
|
|
132 |
2702d |
2716d
|
3/3 |
2674d |
c4048b20ffc5
UPSTREAM: ANDROID: binder: prevent transactions into own process.
|
WARNING in set_precision
|
-1 |
C |
|
|
1320 |
2695d |
2817d
|
3/3 |
2695d |
06a02a816890
KEYS: DNS: limit the length of option strings
|
possible deadlock in __might_fault
|
4 |
C |
|
|
10264 |
2738d |
2760d
|
3/3 |
2702d |
d3c79a38843b
staging: android: ashmem: Fix possible deadlock in ashmem_ioctl
|
BUG: using __this_cpu_read() in preemptible code in ipcomp_init_state
|
4 |
C |
|
|
304159 |
2717d |
2836d
|
2/3 |
2717d |
30df7fb50d32
net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms()
|
WARNING in binder_send_failed_reply
|
-1 |
C |
|
|
74 |
2752d |
2850d
|
2/3 |
2750d |
d3a2afb9382e
UPSTREAM: ANDROID: binder: remove WARN() for redundant txn error
|
KASAN: use-after-free Read in remove_wait_queue
|
19 |
C |
|
|
6 |
2765d |
2774d
|
2/3 |
2753d |
b6c6212514fe
ANDROID: binder: synchronize_rcu() when using POLLFREE.
|
WARNING in __alloc_pages_slowpath (3)
|
-1 |
C |
|
|
547 |
2755d |
2758d
|
2/3 |
2755d |
f67385227a42
ANDROID: keychord: Check for write data size
|
KASAN: double-free or invalid-free in relay_open
|
22 |
C |
|
|
64 |
2769d |
2820d
|
2/3 |
2765d |
91cebf98cd94
kernel/relay.c: revert "kernel/relay.c: fix potential memory leak"
|
BUG: Double free or freeing an invalid pointer (2)
|
-1 |
C |
|
|
1 |
2841d |
2841d
|
2/3 |
2765d |
91cebf98cd94
kernel/relay.c: revert "kernel/relay.c: fix potential memory leak"
|
KASAN: use-after-free Read in __lock_acquire
|
19 |
C |
|
|
1161 |
2780d |
2851d
|
2/3 |
2772d |
550c01d0e051
UPSTREAM: ANDROID: binder: remove waitqueue when thread exits.
|
BUG: bad unlock balance in ipmr_mfc_seq_stop
|
4 |
C |
|
|
7493 |
2773d |
2851d
|
2/3 |
2772d |
7d3d60ef2256
ip6mr: fix stale iterator
|
WARNING in task_participate_group_stop
|
-1 |
C |
|
|
15 |
2807d |
2964d
|
2/3 |
2780d |
4d53eb494950
kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal()
|
general protection fault in ip6_setup_cork
|
2 |
|
|
|
924 |
2879d |
2891d
|
2/3 |
2783d |
28fa583fd8ce
ipv6: flowlabel: do not leave opt->tot_len with garbage
|
kernel BUG at net/key/af_key.c:LINE!
|
-1 |
C |
|
|
1 |
2943d |
2943d
|
2/3 |
2783d |
6ceabde66643
xfrm: Copy policy family in clone_policy
|
general protection fault in assoc_array_apply_edit
|
2 |
|
|
|
1 |
2885d |
2885d
|
2/3 |
2786d |
67bcc5e530d5
assoc_array: Fix a buggy node-splitting case
|
BUG: unable to handle kernel paging request in snd_seq_oss_readq_puts
|
8 |
C |
|
|
3 |
2920d |
2920d
|
2/3 |
2820d |
4b52c3170bd8
ALSA: seq: Fix OSS sysex delivery in OSS emulation
|
KASAN: stack-out-of-bounds Read in memcmp
|
17 |
C |
|
|
4 |
2966d |
2970d
|
1/3 |
2846d |
0b8656414e29
BACKPORT: xfrm: Don't use sk_family for socket policy lookups
|
WARNING in reuseport_alloc
|
-1 |
C |
|
|
106 |
2860d |
2889d
|
1/3 |
2850d |
3b0b4d2c47ec
soreuseport: fix initialization race
|
WARNING in skb_warn_bad_offload
|
-1 |
C |
|
|
442 |
2871d |
2977d
|
1/3 |
2871d |
net: remove open-coded skb_cow_head.
|
KASAN: use-after-free Read in fanout_demux_rollover
|
19 |
C |
|
|
5 |
2913d |
2934d
|
1/3 |
2871d |
6f7cdd4aa0a4
packet: hold bind lock when rebinding to fanout hook
|
WARNING in __alloc_pages_slowpath
|
-1 |
C |
|
|
2412 |
2877d |
2952d
|
1/3 |
2877d |
1f46caef2914
FROMLIST: ALSA: usx2y: Suppress kernel warning at page allocation failures
|
KASAN: use-after-free Read in bio_copy_user_iov
|
19 |
syz |
|
|
73 |
2939d |
2970d
|
1/3 |
2885d |
4099ac938385
scsi: sg: protect accesses to 'reserved' page array
|
BUG: sleeping function called from invalid context at mm/slab.h:LINE
|
-1 |
C |
|
|
3 |
2962d |
2976d
|
1/3 |
2885d |
0f94b36de37c
af_key: Add lock to key dump
|
BUG: unable to handle kernel NULL pointer dereference in __remove_shared_vm_struct
|
10 |
C |
|
|
1 |
2948d |
2947d
|
1/3 |
2885d |
b65b6ac52e0f
fork: fix incorrect fput of ->exe_file causing use-after-free
|
WARNING in __switch_to
|
-1 |
C |
|
|
54 |
2905d |
2973d
|
1/3 |
2885d |
5e9b07f30d21
x86/fpu: Don't let userspace set bogus xcomp_bv
|
general protection fault in skb_release_data
|
2 |
|
|
|
1 |
2957d |
2957d
|
1/3 |
2885d |
304b41014acb
ipv6: fix out of bound writes in __ip6_append_data()
|
WARNING in fib6_del
|
-1 |
|
|
|
281 |
2909d |
2946d
|
1/3 |
2887d |
9b2b08179641
UPSTREAM: ipv6: fib: Unlink replaced routes from their nodes
|
KASAN: use-after-free Read in parse_ipsecrequests
|
19 |
C |
|
|
7 |
2977d |
2977d
|
1/3 |
2947d |
3c17d418afb0
UPSTREAM: af_key: Fix sadb_x_ipsecrequest parsing
|
WARNING in __list_add
|
-1 |
C |
|
|
11 |
2960d |
2973d
|
1/3 |
2958d |
59584701f1e2
ANDROID: keychord: Fix races in keychord_write.
|
BUG: Double free or freeing an invalid pointer
|
-1 |
syz |
|
|
70 |
2959d |
2977d
|
1/3 |
2958d |
59584701f1e2
ANDROID: keychord: Fix races in keychord_write.
|
KASAN: slab-out-of-bounds Read in keychord_write
|
17 |
syz |
|
|
2 |
2979d |
2977d
|
1/3 |
2973d |
913d980e07d8
ANDROID: keychord: Fix a slab out-of-bounds read.
|