syzbot

 sign-in | mailing list | source | docs
🐞 Open [1455]
Subsystems
🐞 Fixed [6739]
🐞 Invalid [17342]
Missing Backports [220]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KASAN: slab-use-after-free Read in bt_accept_unlink

Status: upstream: reported syz repro on 2024/10/21 08:47
Subsystems: bluetooth
[Documentation on labels]
Reported-by: syzbot+a1595e656a83ea5b78eb@syzkaller.appspotmail.com
First crash: 412d, last: 3d14h
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] [bluetooth?] KASAN: slab-use-after-free Read in bt_accept_unlink 1 (4) 2025/11/15 01:42
Similar bugs (8)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.6 KASAN: slab-use-after-free Read in bt_accept_unlink 19 1 46d 46d 0/2 upstream: reported on 2025/10/03 02:55
linux-6.1 KASAN: use-after-free Read in bt_accept_unlink 19 1 160d 160d 0/3 auto-obsoleted due to no activity on 2025/09/18 23:51
linux-5.15 BUG: corrupted list in bt_accept_unlink 17 3 182d 223d 0/3 auto-obsoleted due to no activity on 2025/08/27 17:34
linux-6.6 KASAN: slab-out-of-bounds Read in bt_accept_unlink 17 1 154d 154d 0/2 auto-obsoleted due to no activity on 2025/09/25 00:09
upstream general protection fault in bt_accept_unlink (2) bluetooth 2 1 1721d 1717d 0/29 auto-closed as invalid on 2021/07/01 06:33
linux-5.15 KASAN: slab-out-of-bounds Read in bt_accept_unlink 17 1 42d 42d 0/3 upstream: reported on 2025/10/07 10:50
upstream BUG: corrupted list in bt_accept_unlink bluetooth 8 syz error error 1 1921d 1921d 0/29 auto-obsoleted due to no activity on 2022/09/07 16:27
linux-4.14 BUG: corrupted list in bt_accept_unlink 8 syz unreliable 1 1807d 1927d 0/1 upstream: reported syz repro on 2020/08/09 08:38
Last patch testing requests (1)
Created Duration User Patch Repo Result
2025/11/15 00:45 28m hdanton@sina.com patch git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci OK log

Sample crash report:
==================================================================
BUG: KASAN: slab-use-after-free in __list_del_entry_valid_or_report+0x8c/0x1b4 lib/list_debug.c:62
Read of size 8 at addr ffff0000f4f2f570 by task syz-executor/10110

CPU: 1 UID: 0 PID: 10110 Comm: syz-executor Not tainted syzkaller #0 PREEMPT 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
Call trace:
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:499 (C)
 __dump_stack+0x30/0x40 lib/dump_stack.c:94
 dump_stack_lvl+0xd8/0x12c lib/dump_stack.c:120
 print_address_description+0xa8/0x238 mm/kasan/report.c:378
 print_report+0x68/0x84 mm/kasan/report.c:482
 kasan_report+0xb0/0x110 mm/kasan/report.c:595
 __asan_report_load8_noabort+0x20/0x2c mm/kasan/report_generic.c:381
 __list_del_entry_valid_or_report+0x8c/0x1b4 lib/list_debug.c:62
 __list_del_entry_valid include/linux/list.h:132 [inline]
 __list_del_entry include/linux/list.h:223 [inline]
 list_del_init include/linux/list.h:295 [inline]
 bt_accept_unlink+0x40/0x248 net/bluetooth/af_bluetooth.c:259
 l2cap_sock_teardown_cb+0x148/0x360 net/bluetooth/l2cap_sock.c:1616
 l2cap_chan_del+0xb8/0x470 net/bluetooth/l2cap_core.c:655
 l2cap_conn_del+0x2f8/0x5f0 net/bluetooth/l2cap_core.c:1787
 l2cap_disconn_cfm+0x90/0xe0 net/bluetooth/l2cap_core.c:7325
 hci_disconn_cfm include/net/bluetooth/hci_core.h:2122 [inline]
 hci_conn_hash_flush+0x108/0x218 net/bluetooth/hci_conn.c:2609
 hci_dev_close_sync+0x89c/0x1154 net/bluetooth/hci_sync.c:5308
 hci_dev_do_close net/bluetooth/hci_core.c:501 [inline]
 hci_unregister_dev+0x204/0x4c0 net/bluetooth/hci_core.c:2715
 vhci_release+0x12c/0x17c drivers/bluetooth/hci_vhci.c:690
 __fput+0x340/0x75c fs/file_table.c:468
 ____fput+0x20/0x58 fs/file_table.c:496
 task_work_run+0x1dc/0x260 kernel/task_work.c:227
 exit_task_work include/linux/task_work.h:40 [inline]
 do_exit+0x524/0x1a14 kernel/exit.c:966
 do_group_exit+0x194/0x22c kernel/exit.c:1107
 get_signal+0x11dc/0x12f8 kernel/signal.c:3034
 arch_do_signal_or_restart+0x274/0x4414 arch/arm64/kernel/signal.c:1619
 exit_to_user_mode_loop+0x7c/0x178 kernel/entry/common.c:40
 exit_to_user_mode_prepare include/linux/irq-entry-common.h:225 [inline]
 arm64_exit_to_user_mode arch/arm64/kernel/entry-common.c:81 [inline]
 el0_svc+0x170/0x254 arch/arm64/kernel/entry-common.c:725
 el0t_64_sync_handler+0x84/0x12c arch/arm64/kernel/entry-common.c:743
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:596

Allocated by task 13304:
 kasan_save_stack mm/kasan/common.c:56 [inline]
 kasan_save_track+0x40/0x78 mm/kasan/common.c:77
 kasan_save_alloc_info+0x44/0x54 mm/kasan/generic.c:573
 poison_kmalloc_redzone mm/kasan/common.c:400 [inline]
 __kasan_kmalloc+0x9c/0xb4 mm/kasan/common.c:417
 kasan_kmalloc include/linux/kasan.h:262 [inline]
 __do_kmalloc_node mm/slub.c:5646 [inline]
 __kmalloc_noprof+0x3fc/0x728 mm/slub.c:5658
 kmalloc_noprof include/linux/slab.h:961 [inline]
 sk_prot_alloc+0xc4/0x1f0 net/core/sock.c:2239
 sk_alloc+0x44/0x3ac net/core/sock.c:2295
 pfkey_create+0xcc/0x520 net/key/af_key.c:152
 __sock_create+0x43c/0x91c net/socket.c:1605
 sock_create net/socket.c:1663 [inline]
 __sys_socket_create net/socket.c:1700 [inline]
 __sys_socket+0xd4/0x1c0 net/socket.c:1747
 __do_sys_socket net/socket.c:1761 [inline]
 __se_sys_socket net/socket.c:1759 [inline]
 __arm64_sys_socket+0x7c/0x94 net/socket.c:1759
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x254 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0xe8/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x5c/0x254 arch/arm64/kernel/entry-common.c:724
 el0t_64_sync_handler+0x84/0x12c arch/arm64/kernel/entry-common.c:743
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:596

Freed by task 13304:
 kasan_save_stack mm/kasan/common.c:56 [inline]
 kasan_save_track+0x40/0x78 mm/kasan/common.c:77
 __kasan_save_free_info+0x58/0x70 mm/kasan/generic.c:587
 kasan_save_free_info mm/kasan/kasan.h:406 [inline]
 poison_slab_object mm/kasan/common.c:252 [inline]
 __kasan_slab_free+0x74/0xa4 mm/kasan/common.c:284
 kasan_slab_free include/linux/kasan.h:234 [inline]
 slab_free_hook mm/slub.c:2539 [inline]
 slab_free mm/slub.c:6634 [inline]
 kfree+0x184/0x600 mm/slub.c:6841
 sk_prot_free net/core/sock.c:2278 [inline]
 __sk_destruct+0x514/0x780 net/core/sock.c:2373
 sk_destruct net/core/sock.c:2401 [inline]
 __sk_free+0x320/0x430 net/core/sock.c:2412
 sk_free+0x60/0xc8 net/core/sock.c:2423
 sock_put include/net/sock.h:1972 [inline]
 pfkey_release+0x254/0x338 net/key/af_key.c:186
 __sock_release net/socket.c:662 [inline]
 sock_close+0xa0/0x1e4 net/socket.c:1455
 __fput+0x340/0x75c fs/file_table.c:468
 ____fput+0x20/0x58 fs/file_table.c:496
 task_work_run+0x1dc/0x260 kernel/task_work.c:227
 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
 exit_to_user_mode_loop+0xfc/0x178 kernel/entry/common.c:43
 exit_to_user_mode_prepare include/linux/irq-entry-common.h:225 [inline]
 arm64_exit_to_user_mode arch/arm64/kernel/entry-common.c:81 [inline]
 el0_svc+0x170/0x254 arch/arm64/kernel/entry-common.c:725
 el0t_64_sync_handler+0x84/0x12c arch/arm64/kernel/entry-common.c:743
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:596

The buggy address belongs to the object at ffff0000f4f2f000
 which belongs to the cache kmalloc-2k of size 2048
The buggy address is located 1392 bytes inside of
 freed 2048-byte region [ffff0000f4f2f000, ffff0000f4f2f800)

The buggy address belongs to the physical page:
page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x134f28
head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
anon flags: 0x5ffc00000000040(head|node=0|zone=2|lastcpupid=0x7ff)
page_type: f5(slab)
raw: 05ffc00000000040 ffff0000c0002000 0000000000000000 dead000000000001
raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
head: 05ffc00000000040 ffff0000c0002000 0000000000000000 dead000000000001
head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
head: 05ffc00000000003 fffffdffc3d3ca01 00000000ffffffff 00000000ffffffff
head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
page dumped because: kasan: bad access detected

Memory state around the buggy address:
 ffff0000f4f2f400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
 ffff0000f4f2f480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
>ffff0000f4f2f500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
                                                             ^
 ffff0000f4f2f580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
 ffff0000f4f2f600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
==================================================================
 slab kmalloc-2k start ffff0000f4f2f000 pointer offset 1392 size 2048
list_del corruption. prev->next should be ffff0000d9262570, but was 0000000000000000. (prev=ffff0000f4f2f570)
------------[ cut here ]------------
kernel BUG at lib/list_debug.c:64!
Internal error: Oops - BUG: 00000000f2000800 [#1]  SMP
Modules linked in:
CPU: 1 UID: 0 PID: 10110 Comm: syz-executor Tainted: G    B               syzkaller #0 PREEMPT 
Tainted: [B]=BAD_PAGE
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
pstate: 63400005 (nZCv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--)
pc : __list_del_entry_valid_or_report+0x17c/0x1b4 lib/list_debug.c:62
lr : __list_del_entry_valid_or_report+0x17c/0x1b4 lib/list_debug.c:62
sp : ffff80009bed7370
x29: ffff80009bed7370 x28: 0000000000000003 x27: ffff0000f6f3e00c
x26: ffff0000f6f3e000 x25: 1fffe0001ede7c02 x24: dfff800000000000
x23: 1fffe0001e9e5eae x22: dfff800000000000 x21: ffff0000f4f2f570
x20: ffff0000f4f2f570 x19: ffff0000d9262570 x18: 1fffe000337dfe90
x17: 20747562202c3037 x16: ffff800082debe40 x15: 0000000000000001
x14: 1fffe000337dfefa x13: 0000000000000000 x12: 0000000000000000
x11: ffff6000337dfefb x10: 0000000000ff0100 x9 : 6db35dbdbd571600
x8 : 6db35dbdbd571600 x7 : fffffffffffce210 x6 : ffff8000805653c0
x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff8000807d6608
x2 : 0000000000000001 x1 : 0000000100000000 x0 : 000000000000006d
Call trace:
 __list_del_entry_valid_or_report+0x17c/0x1b4 lib/list_debug.c:62 (P)
 __list_del_entry_valid include/linux/list.h:132 [inline]
 __list_del_entry include/linux/list.h:223 [inline]
 list_del_init include/linux/list.h:295 [inline]
 bt_accept_unlink+0x40/0x248 net/bluetooth/af_bluetooth.c:259
 l2cap_sock_teardown_cb+0x148/0x360 net/bluetooth/l2cap_sock.c:1616
 l2cap_chan_del+0xb8/0x470 net/bluetooth/l2cap_core.c:655
 l2cap_conn_del+0x2f8/0x5f0 net/bluetooth/l2cap_core.c:1787
 l2cap_disconn_cfm+0x90/0xe0 net/bluetooth/l2cap_core.c:7325
 hci_disconn_cfm include/net/bluetooth/hci_core.h:2122 [inline]
 hci_conn_hash_flush+0x108/0x218 net/bluetooth/hci_conn.c:2609
 hci_dev_close_sync+0x89c/0x1154 net/bluetooth/hci_sync.c:5308
 hci_dev_do_close net/bluetooth/hci_core.c:501 [inline]
 hci_unregister_dev+0x204/0x4c0 net/bluetooth/hci_core.c:2715
 vhci_release+0x12c/0x17c drivers/bluetooth/hci_vhci.c:690
 __fput+0x340/0x75c fs/file_table.c:468
 ____fput+0x20/0x58 fs/file_table.c:496
 task_work_run+0x1dc/0x260 kernel/task_work.c:227
 exit_task_work include/linux/task_work.h:40 [inline]
 do_exit+0x524/0x1a14 kernel/exit.c:966
 do_group_exit+0x194/0x22c kernel/exit.c:1107
 get_signal+0x11dc/0x12f8 kernel/signal.c:3034
 arch_do_signal_or_restart+0x274/0x4414 arch/arm64/kernel/signal.c:1619
 exit_to_user_mode_loop+0x7c/0x178 kernel/entry/common.c:40
 exit_to_user_mode_prepare include/linux/irq-entry-common.h:225 [inline]
 arm64_exit_to_user_mode arch/arm64/kernel/entry-common.c:81 [inline]
 el0_svc+0x170/0x254 arch/arm64/kernel/entry-common.c:725
 el0t_64_sync_handler+0x84/0x12c arch/arm64/kernel/entry-common.c:743
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:596
Code: 910d0000 aa1303e1 aa1503e3 974c6749 (d4210000) 
---[ end trace 0000000000000000 ]---

Crashes (99):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/11/14 23:12 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci db9030a787e3 f7988ea4 .config console log report syz / log [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in bt_accept_unlink
2025/10/27 07:49 upstream 4bb1f7e19c4a c0460fcd .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/10/24 22:19 upstream 6fab32bb6508 c0460fcd .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/09/24 12:39 upstream cec1e6e5d1ab 0abd0691 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/08/30 01:28 upstream fb679c832b64 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/31 08:27 upstream e8d780dcd957 f8f2b4da .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/26 16:32 upstream 5f33ebd2018c fb8f743d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/25 12:24 upstream 2942242dde89 fb8f743d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/24 06:39 upstream 01a412d06bc5 0c1d6ded .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/22 20:08 upstream 89be9a83ccf1 85deaf45 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/19 17:45 upstream 4871b7cb27f4 7117feec .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/13 06:48 upstream 3f31a806a62e 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/10 23:13 upstream bc9ff192a6c9 19d4829f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/08 10:43 upstream d7b8f8e20813 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/08 05:26 upstream d7b8f8e20813 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/06/21 10:35 upstream 11313e2f7812 d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/06/10 12:19 upstream f09079bd04a9 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/05/24 06:58 upstream 4856ebd99715 ed351ea7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/05/20 23:45 upstream b36ddb9210e6 8f9cf946 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/05/20 00:04 upstream a5806cd506af 8f9cf946 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/11/07 06:27 upstream c2c2ccfd4ba7 4e1406b4 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2025/10/24 20:23 upstream 6fab32bb6508 c0460fcd .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2025/08/20 23:44 upstream 41cd3fd15263 0b9605c8 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/24 10:17 upstream f9af7b5d9349 0c1d6ded .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/10 03:28 upstream 8c2e52ebbe88 956bd956 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/02 06:14 upstream 66701750d556 bc80e4f0 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/01 08:59 upstream 66701750d556 6e83b42d .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/01 04:37 upstream 66701750d556 6e83b42d .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2025/06/14 17:20 upstream 4774cfe3543a 5f4b362d .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2025/05/29 12:37 upstream 90b83efa6701 3d2f584d .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2024/10/10 10:49 upstream d3d1556696c1 a156c552 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2024/10/01 18:11 upstream e32cde8d2bd7 e9f6e118 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2025/09/21 02:28 upstream 3b08f56fbbb9 67c37560 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 KASAN: slab-use-after-free Read in bt_accept_unlink
2025/09/26 00:32 linux-next 8e2755d7779a 0abd0691 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce KASAN: slab-use-after-free Read in bt_accept_unlink
2025/06/30 03:14 linux-next 2aeda9592360 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/11/12 18:32 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 74c964729281 07e030de .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in bt_accept_unlink
2025/11/06 00:36 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci dcb6fa37fd7b a6c9c731 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in bt_accept_unlink
2025/11/04 04:38 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci dcb6fa37fd7b 686bf657 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in bt_accept_unlink
2025/08/19 11:32 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 8f5ae30d69d7 523f460e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in bt_accept_unlink
2025/08/17 16:07 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 8f5ae30d69d7 1804e95e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/27 03:08 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 82af5ea7c611 fb8f743d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/16 13:47 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci ec4801305969 c118d736 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in bt_accept_unlink
2025/10/19 00:39 upstream f406055cb18c 1c8c8cd8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in bt_accept_unlink
2025/10/15 07:49 upstream 9b332cece987 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/08/31 05:29 upstream c8bc81a52d5a 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/08/25 11:44 upstream 1b237f190eb3 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/08/25 08:02 upstream c330cb607721 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in bt_accept_unlink
2025/08/07 02:01 upstream 479058002c32 4bd24a3e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/07/17 05:04 upstream e2291551827f 44f8051e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root BUG: corrupted list in bt_accept_unlink
2025/07/14 03:02 upstream 5d5d62298b8b 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/05/19 03:37 upstream a5806cd506af f41472b0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/10/13 23:46 upstream 3a8660878839 b6605ba8 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/07/01 03:14 upstream 66701750d556 6e83b42d .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/06/29 08:47 upstream dfba48a70cb6 fc9d8ee5 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/06/18 09:49 upstream 52da431bf03b 74c9d252 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/11/06 07:38 upstream dc77806cf3b4 a6c9c731 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/06/25 12:02 upstream 7595b66ae9de 26d77996 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/06/11 12:51 upstream aef17cb3d3c4 5d7e17ca .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 BUG: corrupted list in bt_accept_unlink
2025/11/02 05:42 linux-next 98bd8b16ae57 2c50b6a9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/11/01 11:32 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci dcb6fa37fd7b 2c50b6a9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 BUG: corrupted list in bt_accept_unlink
2025/10/27 17:44 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci b98c94eed4a9 fd2207e7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/10/23 20:10 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci b98c94eed4a9 c0460fcd .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 BUG: corrupted list in bt_accept_unlink
2025/08/03 10:37 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 82af5ea7c611 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: use-after-free Read in bt_accept_unlink
* Struck through repros no longer work on HEAD.