| KASAN: use-after-free Read in ieee80211_ibss_build_presp |
C |
|
done |
2 |
30d |
176d
|
11h19m |
d2ddd541
mac80211: fix double free in ibss_leave
|
| possible deadlock in red_adaptative_timer |
C |
|
done |
2 |
32d |
123d
|
2d02h |
43c9bffd
net: sched: validate stab values
|
| BUG: unable to handle kernel NULL pointer dereference in vhci_shutdown_connection |
syz |
|
done |
1335 |
36d |
127d
|
4d03h |
534d2cf4
usbip: synchronize event handler with sysfs code paths
|
| WARNING in ext4_xattr_set_entry |
C |
|
done |
19 |
48d |
204d
|
15d |
470f69cb
ext4: do not try to set xattr into ea_inode if value is empty
|
| BUG: unable to handle kernel NULL pointer dereference in amp_read_loc_assoc_final_data |
C |
|
done |
207 |
48d |
266d
|
15d |
2f642a2b
Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data
|
| KASAN: use-after-free Read in ntfs_iget |
C |
|
done |
2 |
61d |
137d
|
30d |
49ee014a
ntfs: check for valid standard information attribute
|
| KASAN: use-after-free Read in ntfs_read_locked_inode |
C |
|
done |
2 |
62d |
214d
|
32d |
49ee014a
ntfs: check for valid standard information attribute
|
| KASAN: slab-out-of-bounds Read in squashfs_export_iget |
C |
|
done |
4 |
90d |
193d
|
56d |
69396cfd
squashfs: add more sanity checks in inode lookup
|
| general protection fault in ieee80211_subif_start_xmit |
syz |
|
done |
1 |
87d |
147d
|
56d |
d882652c
mac80211: pause TX while changing interface type
|
| general protection fault in ioctl_standard_call |
C |
|
done |
24 |
88d |
183d
|
56d |
173b67cf
wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
|
| KASAN: slab-out-of-bounds Read in squashfs_get_id |
C |
|
|
11 |
59d |
213d
|
58d |
8d9ca7e3
squashfs: add more sanity checks in id lookup
|
| KASAN: use-after-free Read in squashfs_get_id |
C |
|
|
1 |
59d |
155d
|
58d |
8d9ca7e3
squashfs: add more sanity checks in id lookup
|
| KASAN: use-after-free Read in reiserfs_fill_super |
C |
|
done |
2 |
107d |
107d
|
60d |
b74d5f70
reiserfs: add check for an invalid ih_entry_count
|
| divide error in do_journal_end |
C |
|
done |
1 |
104d |
164d
|
60d |
b74d5f70
reiserfs: add check for an invalid ih_entry_count
|
| KASAN: use-after-free Read in search_by_entry_key |
C |
|
done |
3 |
107d |
213d
|
60d |
b74d5f70
reiserfs: add check for an invalid ih_entry_count
|
| KASAN: use-after-free Read in reiserfs_read_locked_inode |
C |
|
done |
5 |
109d |
214d
|
62d |
b74d5f70
reiserfs: add check for an invalid ih_entry_count
|
| general protection fault in dqput |
C |
|
done |
1 |
116d |
116d
|
86d |
a9c625fc
quota: Sanity-check quota file headers on load
|
| KASAN: use-after-free Read in leaf_paste_entries |
C |
|
done |
6 |
118d |
162d
|
86d |
b74d5f70
reiserfs: add check for an invalid ih_entry_count
|
| general protection fault in hci_phy_link_complete_evt |
C |
|
done |
40 |
117d |
264d
|
86d |
4113f6f7
Bluetooth: Fix null pointer dereference in hci_event_packet()
|
| BUG: unable to handle kernel paging request in dquot_add_inodes |
C |
|
done |
2 |
119d |
141d
|
89d |
a9c625fc
quota: Sanity-check quota file headers on load
|
| BUG: unable to handle kernel paging request in dqput |
C |
|
done |
9 |
122d |
211d
|
90d |
a9c625fc
quota: Sanity-check quota file headers on load
|
| kernel BUG at net/core/dev.c:LINE! |
C |
|
inconclusive |
3 |
115d |
384d
|
95d |
8f9a69a9
net: drop bogus skb with CHECKSUM_PARTIAL and offset beyond end of trimmed packet
|
| kernel BUG at fs/reiserfs/prints.c:LINE! |
C |
|
done |
3 |
130d |
211d
|
100d |
b74d5f70
reiserfs: add check for an invalid ih_entry_count
|
| general protection fault in get_work_pool |
C |
|
done |
1 |
133d |
163d
|
103d |
42a387dc
mac80211: mesh: fix mesh_pathtbl_init() error path
|
| BUG: corrupted list in dquot_disable |
C |
|
done |
1 |
135d |
135d
|
104d |
a9c625fc
quota: Sanity-check quota file headers on load
|
| KASAN: use-after-free Read in sco_chan_del |
C |
|
done |
10 |
137d |
262d
|
107d |
4113f6f7
Bluetooth: Fix null pointer dereference in hci_event_packet()
|
| INFO: trying to register non-static key in rhashtable_free_and_destroy |
C |
|
done |
4 |
141d |
155d
|
108d |
42a387dc
mac80211: mesh: fix mesh_pathtbl_init() error path
|
| KASAN: slab-out-of-bounds Read in hci_le_meta_evt |
C |
|
done |
15 |
144d |
263d
|
113d |
7ee2cd49
Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt()
|
| BUG: unable to handle kernel paging request in dquot_add_space |
C |
|
done |
1 |
144d |
204d
|
114d |
a9c625fc
quota: Sanity-check quota file headers on load
|
| BUG: sleeping function called from invalid context in sta_info_move_state |
C |
|
done |
1101 |
149d |
152d
|
119d |
89ab6b90
mac80211: free sta in sta_info_insert_finish() on errors
|
| general protection fault in qp_release_pages |
C |
|
done |
2 |
151d |
182d
|
120d |
2b8c7395
VMCI: check return value of get_user_pages_fast() for errors
|
| WARNING in unlock_new_inode |
C |
|
done |
55 |
178d |
215d
|
147d |
a8ca9f68
reiserfs: only call unlock_new_inode() if I_NEW
|
| KASAN: slab-out-of-bounds Write in init_sb |
C |
|
done |
3 |
179d |
213d
|
149d |
78734edd
gfs2: add validation checks for size of superblock
|
| KASAN: global-out-of-bounds Read in fbcon_resize |
C |
|
done |
529 |
184d |
232d
|
153d |
d31eccab
fbcon: Fix user font detection test at fbcon_resize().
|
| INFO: task hung in ucma_close |
C |
|
done |
421 |
184d |
596d
|
153d |
ef13017d
RDMA/ucma: ucma_context reference leak in error path
|
| KASAN: global-out-of-bounds Read in vga16fb_imageblit |
C |
|
done |
723 |
184d |
507d
|
153d |
0472aa0c
video: fbdev: fix OOB read in vga_8planes_imageblit()
|
| KASAN: slab-out-of-bounds Read in ntfs_attr_find |
C |
|
done |
10 |
184d |
211d
|
153d |
d2918cca
ntfs: add check for mft record size in superblock
|
| KASAN: global-out-of-bounds Read in fbcon_get_font |
C |
|
done |
42 |
190d |
506d
|
160d |
30386c13
fbcon: Fix global-out-of-bounds read in fbcon_get_font()
|
| KASAN: use-after-free Read in ntfs_attr_find |
C |
|
done |
4 |
192d |
211d
|
162d |
d2918cca
ntfs: add check for mft record size in superblock
|
| KASAN: global-out-of-bounds Read in get_unique_tuple |
C |
|
done |
5 |
205d |
377d
|
175d |
60634d81
netfilter: ctnetlink: add a range check for l3/l4 protonum
|
| general protection fault in open_xa_dir |
C |
|
done |
1 |
213d |
213d
|
182d |
e2b6b343
reiserfs: Fix oops during mount
|
| KASAN: use-after-free Read in rxrpc_see_skb |
syz |
|
done |
1 |
234d |
234d
|
183d |
38eefb19
MIPS: SNI: Fix MIPS_L1_CACHE_SHIFT
|
| INFO: task hung in nbd_ioctl (2) |
C |
|
done |
16 |
230d |
475d
|
183d |
7241d653
tipc: fix shutdown() of connection oriented socket
|
| WARNING in restore_regulatory_settings |
C |
|
done |
2264 |
225d |
471d
|
195d |
02015d24
cfg80211: regulatory: reject invalid hints
|
| general protection fault in __sock_release |
syz |
|
done |
12 |
226d |
238d
|
195d |
c5c6e00f
fix regression in "epoll: Keep a reference on files added to the check list"
|
| general protection fault in locks_remove_file |
syz |
|
done |
6 |
226d |
237d
|
196d |
c5c6e00f
fix regression in "epoll: Keep a reference on files added to the check list"
|
| general protection fault in tty_release |
C |
|
done |
10 |
227d |
237d
|
197d |
c5c6e00f
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: use-after-free Read in seq_release_private |
syz |
|
done |
1 |
228d |
228d
|
197d |
c5c6e00f
fix regression in "epoll: Keep a reference on files added to the check list"
|
| WARNING: ODEBUG bug in corrupted |
syz |
|
done |
1 |
228d |
228d
|
197d |
c5c6e00f
fix regression in "epoll: Keep a reference on files added to the check list"
|
| WARNING: ODEBUG bug in exit_to_usermode_loop |
syz |
|
done |
2 |
230d |
232d
|
199d |
c5c6e00f
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: use-after-free Read in __sock_release |
syz |
|
done |
3 |
231d |
239d
|
199d |
c5c6e00f
fix regression in "epoll: Keep a reference on files added to the check list"
|
| WARNING in snd_pcm_drop |
syz |
|
done |
1 |
230d |
230d
|
199d |
c5c6e00f
fix regression in "epoll: Keep a reference on files added to the check list"
|
| BUG: corrupted list in fuse_dev_free |
syz |
|
done |
1 |
232d |
232d
|
201d |
c5c6e00f
fix regression in "epoll: Keep a reference on files added to the check list"
|
| general protection fault in kmem_cache_free |
syz |
|
done |
3 |
233d |
233d
|
202d |
c5c6e00f
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: use-after-free Read in snd_pcm_oss_release |
syz |
|
done |
1 |
233d |
233d
|
202d |
c5c6e00f
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: use-after-free Write in ex_handler_refcount |
C |
|
done |
16 |
233d |
442d
|
202d |
af7122cf
Bluetooth: add a mutex lock to avoid UAF in do_enale_set
|
| KASAN: double-free or invalid-free in (null) |
syz |
|
done |
1 |
234d |
234d
|
203d |
c5c6e00f
fix regression in "epoll: Keep a reference on files added to the check list"
|
| BUG: corrupted list in mousedev_release |
syz |
|
done |
1 |
235d |
235d
|
205d |
c5c6e00f
fix regression in "epoll: Keep a reference on files added to the check list"
|
| INFO: trying to register non-static key in uhid_char_release |
C |
|
done |
2 |
236d |
255d
|
206d |
9e5894b7
HID: core: Correctly handle ReportSize being zero
|
| KASAN: slab-out-of-bounds Read in hci_event_packet |
C |
|
done |
17 |
248d |
722d
|
218d |
68bb9edd
Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt()
|
| KASAN: slab-out-of-bounds Read in hci_inquiry_result_with_rssi_evt |
C |
|
done |
6 |
249d |
265d
|
218d |
68bb9edd
Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt()
|
| KASAN: use-after-free Read in get_block |
C |
|
done |
8 |
254d |
379d
|
223d |
0900097e
fs/minix: reject too-large maximum file size
|
| WARNING in inc_nlink |
C |
|
done |
21 |
254d |
397d
|
224d |
12490f06
fs/minix: don't allow getting deleted inodes
|
| KASAN: slab-out-of-bounds Read in get_block |
C |
|
done |
2 |
254d |
284d
|
224d |
0900097e
fs/minix: reject too-large maximum file size
|
| BUG: unable to handle kernel NULL pointer dereference in get_block |
C |
|
done |
45 |
255d |
402d
|
225d |
3c775629
fs/minix: check return value of sb_getblk()
|
| KASAN: slab-out-of-bounds Read in hci_extended_inquiry_result_evt |
C |
|
done |
5 |
258d |
263d
|
226d |
d91299b8
Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
|
| KASAN: use-after-free Read in delete_and_unsubscribe_port |
syz |
|
done |
2 |
266d |
266d
|
233d |
ccafbed8
ALSA: seq: oss: Serialize ioctls
|
| KASAN: double-free or invalid-free in 0x2 |
syz |
|
done |
1 |
267d |
267d
|
233d |
ccafbed8
ALSA: seq: oss: Serialize ioctls
|
| INFO: task hung in fb_release |
C |
|
done |
48 |
269d |
500d
|
237d |
c388072f
fbdev: Detect integer underflow at "struct fbcon_ops"->clear_margins.
|
| unregister_netdevice: waiting for DEV to become free |
C |
|
done |
120 |
295d |
734d
|
264d |
0f7f0b05
ipvs: fix tinfo memory leak in start_sync_thread
|
| general protection fault in batadv_iv_ogm_schedule_buff |
|
|
|
1 |
371d |
371d
|
288d |
e181bb93
batman-adv: Don't schedule OGM for disabled interface
|
| KASAN: null-ptr-deref Write in choke_reset |
C |
|
done |
283 |
338d |
368d
|
307d |
4836eb6b
sch_choke: avoid potential panic in choke_reset()
|
| KASAN: use-after-free Read in do_blk_trace_setup |
C |
|
done |
342 |
338d |
742d
|
308d |
b390c22c
blktrace: fix unlocked access to init/start-stop/teardown
|
| WARNING in xfrm_policy_insert |
syz |
|
done |
8 |
342d |
601d
|
312d |
1cd914b0
xfrm: fix a warning in xfrm_policy_insert_list
|
| KASAN: slab-out-of-bounds Write in snd_rawmidi_kernel_write1 |
C |
|
done |
1 |
343d |
373d
|
313d |
8645ac36
ALSA: rawmidi: Fix racy buffer resize under concurrent accesses
|
| WARNING: ODEBUG bug in route4_change |
C |
|
done |
23 |
385d |
414d
|
355d |
f0c92f59
net_sched: cls_route: remove the right filter from hashtable
|
| KASAN: use-after-free Write in release_tty |
C |
|
done |
124 |
386d |
506d
|
356d |
b9eb60a0
vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
|
| WARNING: ODEBUG bug in rfcomm_dev_ioctl |
C |
|
done |
2 |
395d |
395d
|
364d |
0da9c032
Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
|
| KASAN: slab-out-of-bounds Read in selinux_xfrm_alloc_user |
C |
|
done |
1 |
396d |
396d
|
366d |
25106012
xfrm: add the missing verify_sec_ctx_len check in xfrm_add_acquire
|
| WARNING: refcount bug in sock_wfree |
C |
done |
done |
3 |
397d |
518d
|
367d |
968f831d
sctp: fix refcount bug in sctp_wfree
|
| KASAN: use-after-free Write in tcindex_set_parms |
C |
|
done |
3 |
399d |
400d
|
369d |
9f8b6c44
net_sched: keep alloc_hash updated after hash allocation
|
| KASAN: slab-out-of-bounds Write in tcindex_set_parms |
C |
|
done |
2 |
400d |
400d
|
370d |
9f8b6c44
net_sched: keep alloc_hash updated after hash allocation
|
| WARNING: ODEBUG bug in rfcomm_dlc_free |
C |
|
done |
16 |
403d |
635d
|
372d |
0da9c032
Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
|
| KASAN: use-after-free Read in tty_open |
C |
|
done |
5 |
405d |
507d
|
374d |
b9eb60a0
vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
|
| KASAN: use-after-free Read in tty_buffer_cancel_work |
C |
|
done |
2 |
414d |
502d
|
384d |
b9eb60a0
vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
|
| KASAN: use-after-free Read in get_work_pool |
C |
|
done |
1 |
415d |
505d
|
385d |
b9eb60a0
vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
|
| KASAN: use-after-free Read in n_tty_receive_buf_common |
C |
|
done |
25 |
417d |
505d
|
385d |
a4719f6d
vt: selection, push sel_lock up
|
| WARNING: kernel stack frame pointer has bad value |
C |
|
done |
65 |
422d |
725d
|
387d |
377d7378
fjes: fix missed check in fjes_acpi_add
|
| INFO: task hung in paste_selection |
C |
|
done |
8 |
422d |
498d
|
392d |
7c315855
ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast()
|
| INFO: task hung in drain_all_pages |
C |
|
done |
1 |
423d |
423d
|
392d |
a86265ed
netfilter: xt_hashlimit: limit the max size of hashtable
|
| INFO: task hung in tty_ldisc_hangup |
C |
|
done |
17 |
430d |
501d
|
400d |
a4719f6d
vt: selection, push sel_lock up
|
| INFO: task hung in hashlimit_mt_check_common |
C |
|
done |
6 |
433d |
485d
|
401d |
a86265ed
netfilter: xt_hashlimit: limit the max size of hashtable
|
| KASAN: stack-out-of-bounds Write in ax25_getname |
C |
|
done |
4 |
432d |
728d
|
401d |
ff8e12b0
vhost: Check docket sk_family instead of call getname
|
| KASAN: slab-out-of-bounds Read in tcf_exts_destroy |
C |
|
done |
1 |
437d |
550d
|
406d |
6cb448ee
net_sched: fix an OOB access in cls_tcindex
|
| general protection fault in path_openat |
C |
|
done |
40 |
443d |
449d
|
412d |
40642747
vfs: fix do_last() regression
|
| BUG: sleeping function called from invalid context in tpk_write |
C |
|
done |
10 |
442d |
504d
|
412d |
ab84fd0d
ttyprintk: fix a potential deadlock in interrupt context issue
|
| BUG: sleeping function called from invalid context in lock_sock_nested (2) |
syz |
|
done |
1 |
445d |
505d
|
415d |
713ff7e4
crypto: af_alg - Use bh_lock_sock in sk_destruct
|
| KASAN: use-after-free Read in ext4_xattr_set_entry |
C |
|
done |
9 |
447d |
539d
|
417d |
08e4a312
ext4: validate the debug_want_extra_isize mount option at parse time
|
| KASAN: slab-out-of-bounds Read in __nla_put_nohdr |
C |
|
done |
2 |
451d |
451d
|
421d |
c5fd8a37
net-sysfs: Fix reference count leak
|
| KASAN: slab-out-of-bounds Write in setup_udp_tunnel_sock |
C |
|
done |
1 |
455d |
455d
|
424d |
c57b0f88
Documentation: Document arm64 kpti control
|
| KASAN: use-after-free Read in snd_timer_resolution |
C |
|
done |
1 |
457d |
457d
|
427d |
43bb0a16
ALSA: seq: Fix racy access for queue timer in proc read
|
| INFO: task hung in genl_rcv_msg |
syz |
|
done |
2 |
461d |
461d
|
431d |
24070b40
tcp: clear tp->total_retrans in tcp_disconnect()
|
| WARNING in reconnect_path |
C |
done |
done |
1 |
463d |
523d
|
432d |
b6e209a1
exportfs: fix 'passing zero to ERR_PTR()' warning
|
| KASAN: use-after-free Write in __alloc_skb |
C |
|
done |
1 |
466d |
497d
|
433d |
e8412528
net: rtnetlink: validate IFLA_MTU attribute in rtnl_create_link()
|
| KASAN: use-after-free Read in cdev_put |
C |
|
done |
6 |
466d |
510d
|
436d |
0ce254bc
xen-blkback: prevent premature module unload
|
| KASAN: slab-out-of-bounds Read in macvlan_broadcast |
C |
|
done |
6 |
468d |
472d
|
437d |
4a953272
macvlan: do not assume mac_header is set in macvlan_broadcast()
|
| KASAN: use-after-free Read in macvlan_broadcast |
C |
|
done |
8 |
469d |
472d
|
439d |
4a953272
macvlan: do not assume mac_header is set in macvlan_broadcast()
|
| WARNING: bad unlock balance in gtp_encap_enable_socket |
C |
|
done |
2 |
470d |
472d
|
439d |
887b0296
gtp: fix bad unlock balance in gtp_encap_enable_socket
|
| KASAN: slab-out-of-bounds Read in bpf_skb_change_tail |
C |
|
done |
2 |
475d |
621d
|
442d |
7fed98f4
bpf: reject passing modified ctx to helper functions
|
| KASAN: slab-out-of-bounds Read in bpf_skb_change_proto |
C |
|
done |
2 |
475d |
622d
|
442d |
7fed98f4
bpf: reject passing modified ctx to helper functions
|
| KASAN: slab-out-of-bounds Read in bpf_clone_redirect |
C |
|
done |
11 |
481d |
643d
|
450d |
7fed98f4
bpf: reject passing modified ctx to helper functions
|
| KASAN: slab-out-of-bounds Read in bpf_skb_change_head |
C |
|
done |
2 |
485d |
554d
|
453d |
7fed98f4
bpf: reject passing modified ctx to helper functions
|
| possible deadlock in refcount_dec_and_mutex_lock |
C |
|
done |
10 |
484d |
556d
|
453d |
4df72865
nbd: verify socket is supported during setup
|
| WARNING: refcount bug in cdev_get |
C |
|
done |
21 |
485d |
615d
|
455d |
03a70959
net: usb: lan78xx: Connect PHY before registering MAC
|
| INFO: rcu detected stall in br_handle_frame (2) |
C |
|
done |
1 |
490d |
490d
|
459d |
73a6f18d
pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM
|
| WARNING in ovl_rename |
syz |
|
done |
2 |
493d |
726d
|
460d |
6890751c
ovl: relax WARN_ON() on rename to self
|
| inconsistent lock state in sp_get |
C |
|
done |
2 |
497d |
497d
|
467d |
8b58905f
6pack,mkiss: fix possible deadlock
|
| KASAN: slab-out-of-bounds Read in linear_transfer |
C |
|
done |
4 |
499d |
506d
|
468d |
2a76606d
ALSA: pcm: oss: Avoid potential buffer overflows
|
| possible deadlock in __might_fault |
C |
|
done |
295 |
500d |
741d
|
470d |
d4197149
usb: mon: Fix a deadlock in usbmon between mmap and read
|
| possible deadlock in mon_bin_vma_fault |
C |
|
done |
282 |
502d |
737d
|
471d |
d4197149
usb: mon: Fix a deadlock in usbmon between mmap and read
|
| WARNING: refcount bug in kobject_get |
C |
|
done |
20 |
506d |
740d
|
476d |
227db8e4
tipc: fix unlimited bundling of small messages
|
| WARNING in refcount_error_report |
syz |
|
done |
1 |
508d |
508d
|
476d |
7272e8e3
inet: protect against too small mtu values.
|
| BUG: corrupted list in p9_fd_cancelled |
syz |
|
done |
2 |
507d |
553d
|
476d |
8a82aee7
arm64: Add MIDR encoding for Arm Cortex-A55 and Cortex-A35
|
| BUG: unable to handle kernel paging request in slhc_free |
C |
|
done |
4 |
511d |
738d
|
479d |
da0bbf51
slip: make slhc_free() silently accept an error pointer
|
| WARNING in dio_complete |
C |
|
done |
27 |
511d |
740d
|
479d |
365874a0
blk-mq: avoid sysfs buffer overflow with too many CPU cores
|
| KASAN: use-after-free Read in slip_open |
C |
done |
done |
2 |
514d |
514d
|
482d |
f5bcc687
slip: Fix use-after-free Read in slip_open
|
| KASAN: use-after-free Read in kfree_skb |
C |
|
done |
98 |
512d |
639d
|
482d |
79d404a2
Bluetooth: Fix invalid-free in bcsp_close()
|
| INFO: task hung in nbd_ioctl |
C |
|
done |
18 |
483d |
557d
|
482d |
4df72865
nbd: verify socket is supported during setup
|
| WARNING: suspicious RCU usage in shmem_add_seals |
C |
done |
done |
1435 |
519d |
542d
|
489d |
988f701a
memfd: Use radix_tree_deref_slot_protected to avoid the warning.
|
| possible deadlock in flush_workqueue |
C |
|
done |
15 |
522d |
614d
|
491d |
4df72865
nbd: verify socket is supported during setup
|
| WARNING in bpf_jit_free |
syz |
|
done |
60 |
564d |
737d
|
492d |
47569360
bpf: fix use after free in prog symbol exposure
|
| INFO: task hung in lo_release |
syz |
|
done |
128 |
630d |
742d
|
493d |
22f36db4
Revert "block/loop: Use global lock for ioctl() operation."
|
| BUG: unable to handle kernel NULL pointer dereference in inet_autobind |
C |
inconclusive |
done |
3133 |
533d |
542d
|
494d |
7c3c0d51
sctp: not bind the socket in sctp_connect
|
| BUG: unable to handle kernel NULL pointer dereference in blk_mq_map_swqueue |
C |
|
done |
20 |
495d |
733d
|
494d |
0b584bf5
nbd: fix max number of supported devs
|
| BUG: unable to handle kernel paging request in dummy_set_vf_vlan |
C |
|
done |
5 |
527d |
621d
|
494d |
9ed49fc9
net: rtnetlink: prevent underflows in do_setvfinfo()
|
| BUG: unable to handle kernel paging request in dummy_set_vf_spoofchk |
C |
|
done |
6 |
530d |
642d
|
494d |
9ed49fc9
net: rtnetlink: prevent underflows in do_setvfinfo()
|
| BUG: unable to handle kernel paging request in dummy_get_vf_config |
C |
|
done |
4 |
546d |
644d
|
496d |
9ed49fc9
net: rtnetlink: prevent underflows in do_setvfinfo()
|
| WARNING: suspicious RCU usage in netem_enqueue |
C |
|
done |
3 |
550d |
574d
|
497d |
6f492e80
net_sched: add max len check for TCA_KIND
|
| BUG: unable to handle kernel paging request in dummy_set_vf_rss_query_en |
C |
|
done |
5 |
551d |
642d
|
497d |
9ed49fc9
net: rtnetlink: prevent underflows in do_setvfinfo()
|
| BUG: unable to handle kernel paging request in dummy_set_vf_mac |
C |
|
done |
5 |
559d |
632d
|
497d |
9ed49fc9
net: rtnetlink: prevent underflows in do_setvfinfo()
|
| BUG: unable to handle kernel NULL pointer dereference in tc_bind_tclass |
C |
|
done |
14 |
554d |
594d
|
497d |
54b9f579
net_sched: check cops->tcf_block in tc_bind_tclass()
|
| KASAN: null-ptr-deref Write in kvm_write_guest_virt_system |
C |
|
done |
53 |
560d |
578d
|
498d |
2890b718
watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout
|
| WARNING in tcp_send_loss_probe |
C |
|
done |
22 |
581d |
590d
|
500d |
ba2ddb43
tcp: Don't dequeue SYN/FIN-segments from write-queue
|
| general protection fault in tcp_push |
C |
|
done |
55 |
580d |
590d
|
500d |
f1dcc5ed
tcp: Reset send_head when removing skb from write-queue
|
| BUG: unable to handle kernel paging request in dummy_set_vf_rate |
C |
|
done |
3 |
580d |
595d
|
500d |
9ed49fc9
net: rtnetlink: prevent underflows in do_setvfinfo()
|
| WARNING in tcp_retransmit_timer |
C |
|
done |
215 |
580d |
590d
|
500d |
ba2ddb43
tcp: Don't dequeue SYN/FIN-segments from write-queue
|
| general protection fault in qdisc_destroy |
C |
|
done |
4 |
580d |
585d
|
500d |
e0f600b6
net_sched: let qdisc_put() accept NULL pointer
|
| INFO: rcu detected stall in mld_dad_timer_expire |
C |
|
done |
1 |
586d |
586d
|
500d |
cc243e24
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
|
| INFO: rcu detected stall in br_handle_frame |
C |
|
done |
15 |
582d |
594d
|
502d |
cc243e24
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
|
| WARNING in kernfs_get |
C |
|
done |
17 |
612d |
732d
|
502d |
5432923a
driver core: Fix use-after-free and double free on glue directory
|
| INFO: rcu detected stall in mld_ifc_timer_expire |
C |
|
done |
9 |
584d |
594d
|
503d |
cc243e24
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
|
| WARNING in xfrm_state_fini |
C |
|
done |
193 |
587d |
741d
|
504d |
cd393b38
xfrm: clean up xfrm protocol checks
|
| INFO: rcu detected stall in addrconf_dad_work |
C |
|
done |
18 |
587d |
594d
|
504d |
cc243e24
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
|
| INFO: rcu detected stall in corrupted |
C |
|
done |
3 |
588d |
610d
|
504d |
cc243e24
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
|
| BUG: unable to handle kernel paging request in dummy_set_vf_trust |
C |
|
done |
2 |
595d |
629d
|
505d |
9ed49fc9
net: rtnetlink: prevent underflows in do_setvfinfo()
|
| WARNING in map_lookup_elem |
C |
|
done |
2 |
602d |
602d
|
505d |
95867919
KVM: x86: add tracepoints around __direct_map and FNAME(fetch)
|
| WARNING: refcount bug in hci_register_dev |
C |
|
done |
3 |
600d |
615d
|
505d |
5432923a
driver core: Fix use-after-free and double free on glue directory
|
| kernel BUG at ./include/linux/skbuff.h:LINE! |
C |
|
done |
16 |
596d |
622d
|
505d |
e5df4bae
tcp: fix tcp_rtx_queue_tail in case of empty retransmit queue
|
| general protection fault in packet_lookup_frame |
C |
|
done |
1 |
618d |
618d
|
505d |
5ac73816
net/packet: fix race in tpacket_snd()
|
| WARNING: refcount bug in kobject_put |
C |
|
done |
3 |
622d |
729d
|
505d |
5432923a
driver core: Fix use-after-free and double free on glue directory
|
| general protection fault in tcf_ife_init |
C |
|
done |
12 |
633d |
643d
|
506d |
7fcc60e5
ife: error out when nla attributes are empty
|
| general protection fault in kernfs_add_one |
C |
|
done |
5 |
630d |
699d
|
506d |
5432923a
driver core: Fix use-after-free and double free on glue directory
|
| WARNING in sysfs_remove_group |
C |
|
done |
1 |
646d |
646d
|
507d |
5432923a
driver core: Fix use-after-free and double free on glue directory
|
| BUG: unable to handle kernel paging request in coalesced_mmio_write |
C |
|
done |
4 |
664d |
670d
|
508d |
bf81752d
KVM: coalesced_mmio: add bounds checking
|
| WARNING in kernfs_put |
C |
|
done |
2 |
662d |
729d
|
508d |
5432923a
driver core: Fix use-after-free and double free on glue directory
|
| KASAN: use-after-free Read in erspan_build_header |
C |
|
done |
18 |
708d |
742d
|
509d |
1d629bf9
net: erspan: fix use-after-free
|
| KASAN: slab-out-of-bounds Read in erspan_build_header |
C |
|
done |
8 |
706d |
742d
|
509d |
d93fb604
tipc: fix modprobe tipc failed after switch order of device registration
|
| WARNING in notify_change |
C |
|
done |
14 |
672d |
737d
|
509d |
2c546242
Abort file_remove_privs() for non-reg. files
|
| KASAN: use-after-free Read in tcp_init_tso_segs |
C |
|
|
1424 |
580d |
590d
|
566d |
f1dcc5ed
tcp: Reset send_head when removing skb from write-queue
|