syzbot


Title Repro Cause bisect Fix bisect Count Last Reported Closed Patch
KASAN: use-after-free Read in ieee80211_ibss_build_presp C done 2 30d 176d 11h19m d2ddd541 mac80211: fix double free in ibss_leave
possible deadlock in red_adaptative_timer C done 2 32d 123d 2d02h 43c9bffd net: sched: validate stab values
BUG: unable to handle kernel NULL pointer dereference in vhci_shutdown_connection syz done 1335 36d 127d 4d03h 534d2cf4 usbip: synchronize event handler with sysfs code paths
WARNING in ext4_xattr_set_entry C done 19 48d 204d 15d 470f69cb ext4: do not try to set xattr into ea_inode if value is empty
BUG: unable to handle kernel NULL pointer dereference in amp_read_loc_assoc_final_data C done 207 48d 266d 15d 2f642a2b Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data
KASAN: use-after-free Read in ntfs_iget C done 2 61d 137d 30d 49ee014a ntfs: check for valid standard information attribute
KASAN: use-after-free Read in ntfs_read_locked_inode C done 2 62d 214d 32d 49ee014a ntfs: check for valid standard information attribute
KASAN: slab-out-of-bounds Read in squashfs_export_iget C done 4 90d 193d 56d 69396cfd squashfs: add more sanity checks in inode lookup
general protection fault in ieee80211_subif_start_xmit syz done 1 87d 147d 56d d882652c mac80211: pause TX while changing interface type
general protection fault in ioctl_standard_call C done 24 88d 183d 56d 173b67cf wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
KASAN: slab-out-of-bounds Read in squashfs_get_id C 11 59d 213d 58d 8d9ca7e3 squashfs: add more sanity checks in id lookup
KASAN: use-after-free Read in squashfs_get_id C 1 59d 155d 58d 8d9ca7e3 squashfs: add more sanity checks in id lookup
KASAN: use-after-free Read in reiserfs_fill_super C done 2 107d 107d 60d b74d5f70 reiserfs: add check for an invalid ih_entry_count
divide error in do_journal_end C done 1 104d 164d 60d b74d5f70 reiserfs: add check for an invalid ih_entry_count
KASAN: use-after-free Read in search_by_entry_key C done 3 107d 213d 60d b74d5f70 reiserfs: add check for an invalid ih_entry_count
KASAN: use-after-free Read in reiserfs_read_locked_inode C done 5 109d 214d 62d b74d5f70 reiserfs: add check for an invalid ih_entry_count
general protection fault in dqput C done 1 116d 116d 86d a9c625fc quota: Sanity-check quota file headers on load
KASAN: use-after-free Read in leaf_paste_entries C done 6 118d 162d 86d b74d5f70 reiserfs: add check for an invalid ih_entry_count
general protection fault in hci_phy_link_complete_evt C done 40 117d 264d 86d 4113f6f7 Bluetooth: Fix null pointer dereference in hci_event_packet()
BUG: unable to handle kernel paging request in dquot_add_inodes C done 2 119d 141d 89d a9c625fc quota: Sanity-check quota file headers on load
BUG: unable to handle kernel paging request in dqput C done 9 122d 211d 90d a9c625fc quota: Sanity-check quota file headers on load
kernel BUG at net/core/dev.c:LINE! C inconclusive 3 115d 384d 95d 8f9a69a9 net: drop bogus skb with CHECKSUM_PARTIAL and offset beyond end of trimmed packet
kernel BUG at fs/reiserfs/prints.c:LINE! C done 3 130d 211d 100d b74d5f70 reiserfs: add check for an invalid ih_entry_count
general protection fault in get_work_pool C done 1 133d 163d 103d 42a387dc mac80211: mesh: fix mesh_pathtbl_init() error path
BUG: corrupted list in dquot_disable C done 1 135d 135d 104d a9c625fc quota: Sanity-check quota file headers on load
KASAN: use-after-free Read in sco_chan_del C done 10 137d 262d 107d 4113f6f7 Bluetooth: Fix null pointer dereference in hci_event_packet()
INFO: trying to register non-static key in rhashtable_free_and_destroy C done 4 141d 155d 108d 42a387dc mac80211: mesh: fix mesh_pathtbl_init() error path
KASAN: slab-out-of-bounds Read in hci_le_meta_evt C done 15 144d 263d 113d 7ee2cd49 Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt()
BUG: unable to handle kernel paging request in dquot_add_space C done 1 144d 204d 114d a9c625fc quota: Sanity-check quota file headers on load
BUG: sleeping function called from invalid context in sta_info_move_state C done 1101 149d 152d 119d 89ab6b90 mac80211: free sta in sta_info_insert_finish() on errors
general protection fault in qp_release_pages C done 2 151d 182d 120d 2b8c7395 VMCI: check return value of get_user_pages_fast() for errors
WARNING in unlock_new_inode C done 55 178d 215d 147d a8ca9f68 reiserfs: only call unlock_new_inode() if I_NEW
KASAN: slab-out-of-bounds Write in init_sb C done 3 179d 213d 149d 78734edd gfs2: add validation checks for size of superblock
KASAN: global-out-of-bounds Read in fbcon_resize C done 529 184d 232d 153d d31eccab fbcon: Fix user font detection test at fbcon_resize().
INFO: task hung in ucma_close C done 421 184d 596d 153d ef13017d RDMA/ucma: ucma_context reference leak in error path
KASAN: global-out-of-bounds Read in vga16fb_imageblit C done 723 184d 507d 153d 0472aa0c video: fbdev: fix OOB read in vga_8planes_imageblit()
KASAN: slab-out-of-bounds Read in ntfs_attr_find C done 10 184d 211d 153d d2918cca ntfs: add check for mft record size in superblock
KASAN: global-out-of-bounds Read in fbcon_get_font C done 42 190d 506d 160d 30386c13 fbcon: Fix global-out-of-bounds read in fbcon_get_font()
KASAN: use-after-free Read in ntfs_attr_find C done 4 192d 211d 162d d2918cca ntfs: add check for mft record size in superblock
KASAN: global-out-of-bounds Read in get_unique_tuple C done 5 205d 377d 175d 60634d81 netfilter: ctnetlink: add a range check for l3/l4 protonum
general protection fault in open_xa_dir C done 1 213d 213d 182d e2b6b343 reiserfs: Fix oops during mount
KASAN: use-after-free Read in rxrpc_see_skb syz done 1 234d 234d 183d 38eefb19 MIPS: SNI: Fix MIPS_L1_CACHE_SHIFT
INFO: task hung in nbd_ioctl (2) C done 16 230d 475d 183d 7241d653 tipc: fix shutdown() of connection oriented socket
WARNING in restore_regulatory_settings C done 2264 225d 471d 195d 02015d24 cfg80211: regulatory: reject invalid hints
general protection fault in __sock_release syz done 12 226d 238d 195d c5c6e00f fix regression in "epoll: Keep a reference on files added to the check list"
general protection fault in locks_remove_file syz done 6 226d 237d 196d c5c6e00f fix regression in "epoll: Keep a reference on files added to the check list"
general protection fault in tty_release C done 10 227d 237d 197d c5c6e00f fix regression in "epoll: Keep a reference on files added to the check list"
KASAN: use-after-free Read in seq_release_private syz done 1 228d 228d 197d c5c6e00f fix regression in "epoll: Keep a reference on files added to the check list"
WARNING: ODEBUG bug in corrupted syz done 1 228d 228d 197d c5c6e00f fix regression in "epoll: Keep a reference on files added to the check list"
WARNING: ODEBUG bug in exit_to_usermode_loop syz done 2 230d 232d 199d c5c6e00f fix regression in "epoll: Keep a reference on files added to the check list"
KASAN: use-after-free Read in __sock_release syz done 3 231d 239d 199d c5c6e00f fix regression in "epoll: Keep a reference on files added to the check list"
WARNING in snd_pcm_drop syz done 1 230d 230d 199d c5c6e00f fix regression in "epoll: Keep a reference on files added to the check list"
BUG: corrupted list in fuse_dev_free syz done 1 232d 232d 201d c5c6e00f fix regression in "epoll: Keep a reference on files added to the check list"
general protection fault in kmem_cache_free syz done 3 233d 233d 202d c5c6e00f fix regression in "epoll: Keep a reference on files added to the check list"
KASAN: use-after-free Read in snd_pcm_oss_release syz done 1 233d 233d 202d c5c6e00f fix regression in "epoll: Keep a reference on files added to the check list"
KASAN: use-after-free Write in ex_handler_refcount C done 16 233d 442d 202d af7122cf Bluetooth: add a mutex lock to avoid UAF in do_enale_set
KASAN: double-free or invalid-free in (null) syz done 1 234d 234d 203d c5c6e00f fix regression in "epoll: Keep a reference on files added to the check list"
BUG: corrupted list in mousedev_release syz done 1 235d 235d 205d c5c6e00f fix regression in "epoll: Keep a reference on files added to the check list"
INFO: trying to register non-static key in uhid_char_release C done 2 236d 255d 206d 9e5894b7 HID: core: Correctly handle ReportSize being zero
KASAN: slab-out-of-bounds Read in hci_event_packet C done 17 248d 722d 218d 68bb9edd Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt()
KASAN: slab-out-of-bounds Read in hci_inquiry_result_with_rssi_evt C done 6 249d 265d 218d 68bb9edd Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt()
KASAN: use-after-free Read in get_block C done 8 254d 379d 223d 0900097e fs/minix: reject too-large maximum file size
WARNING in inc_nlink C done 21 254d 397d 224d 12490f06 fs/minix: don't allow getting deleted inodes
KASAN: slab-out-of-bounds Read in get_block C done 2 254d 284d 224d 0900097e fs/minix: reject too-large maximum file size
BUG: unable to handle kernel NULL pointer dereference in get_block C done 45 255d 402d 225d 3c775629 fs/minix: check return value of sb_getblk()
KASAN: slab-out-of-bounds Read in hci_extended_inquiry_result_evt C done 5 258d 263d 226d d91299b8 Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
KASAN: use-after-free Read in delete_and_unsubscribe_port syz done 2 266d 266d 233d ccafbed8 ALSA: seq: oss: Serialize ioctls
KASAN: double-free or invalid-free in 0x2 syz done 1 267d 267d 233d ccafbed8 ALSA: seq: oss: Serialize ioctls
INFO: task hung in fb_release C done 48 269d 500d 237d c388072f fbdev: Detect integer underflow at "struct fbcon_ops"->clear_margins.
unregister_netdevice: waiting for DEV to become free C done 120 295d 734d 264d 0f7f0b05 ipvs: fix tinfo memory leak in start_sync_thread
general protection fault in batadv_iv_ogm_schedule_buff 1 371d 371d 288d e181bb93 batman-adv: Don't schedule OGM for disabled interface
KASAN: null-ptr-deref Write in choke_reset C done 283 338d 368d 307d 4836eb6b sch_choke: avoid potential panic in choke_reset()
KASAN: use-after-free Read in do_blk_trace_setup C done 342 338d 742d 308d b390c22c blktrace: fix unlocked access to init/start-stop/teardown
WARNING in xfrm_policy_insert syz done 8 342d 601d 312d 1cd914b0 xfrm: fix a warning in xfrm_policy_insert_list
KASAN: slab-out-of-bounds Write in snd_rawmidi_kernel_write1 C done 1 343d 373d 313d 8645ac36 ALSA: rawmidi: Fix racy buffer resize under concurrent accesses
WARNING: ODEBUG bug in route4_change C done 23 385d 414d 355d f0c92f59 net_sched: cls_route: remove the right filter from hashtable
KASAN: use-after-free Write in release_tty C done 124 386d 506d 356d b9eb60a0 vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
WARNING: ODEBUG bug in rfcomm_dev_ioctl C done 2 395d 395d 364d 0da9c032 Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
KASAN: slab-out-of-bounds Read in selinux_xfrm_alloc_user C done 1 396d 396d 366d 25106012 xfrm: add the missing verify_sec_ctx_len check in xfrm_add_acquire
WARNING: refcount bug in sock_wfree C done done 3 397d 518d 367d 968f831d sctp: fix refcount bug in sctp_wfree
KASAN: use-after-free Write in tcindex_set_parms C done 3 399d 400d 369d 9f8b6c44 net_sched: keep alloc_hash updated after hash allocation
KASAN: slab-out-of-bounds Write in tcindex_set_parms C done 2 400d 400d 370d 9f8b6c44 net_sched: keep alloc_hash updated after hash allocation
WARNING: ODEBUG bug in rfcomm_dlc_free C done 16 403d 635d 372d 0da9c032 Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
KASAN: use-after-free Read in tty_open C done 5 405d 507d 374d b9eb60a0 vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
KASAN: use-after-free Read in tty_buffer_cancel_work C done 2 414d 502d 384d b9eb60a0 vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
KASAN: use-after-free Read in get_work_pool C done 1 415d 505d 385d b9eb60a0 vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
KASAN: use-after-free Read in n_tty_receive_buf_common C done 25 417d 505d 385d a4719f6d vt: selection, push sel_lock up
WARNING: kernel stack frame pointer has bad value C done 65 422d 725d 387d 377d7378 fjes: fix missed check in fjes_acpi_add
INFO: task hung in paste_selection C done 8 422d 498d 392d 7c315855 ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast()
INFO: task hung in drain_all_pages C done 1 423d 423d 392d a86265ed netfilter: xt_hashlimit: limit the max size of hashtable
INFO: task hung in tty_ldisc_hangup C done 17 430d 501d 400d a4719f6d vt: selection, push sel_lock up
INFO: task hung in hashlimit_mt_check_common C done 6 433d 485d 401d a86265ed netfilter: xt_hashlimit: limit the max size of hashtable
KASAN: stack-out-of-bounds Write in ax25_getname C done 4 432d 728d 401d ff8e12b0 vhost: Check docket sk_family instead of call getname
KASAN: slab-out-of-bounds Read in tcf_exts_destroy C done 1 437d 550d 406d 6cb448ee net_sched: fix an OOB access in cls_tcindex
general protection fault in path_openat C done 40 443d 449d 412d 40642747 vfs: fix do_last() regression
BUG: sleeping function called from invalid context in tpk_write C done 10 442d 504d 412d ab84fd0d ttyprintk: fix a potential deadlock in interrupt context issue
BUG: sleeping function called from invalid context in lock_sock_nested (2) syz done 1 445d 505d 415d 713ff7e4 crypto: af_alg - Use bh_lock_sock in sk_destruct
KASAN: use-after-free Read in ext4_xattr_set_entry C done 9 447d 539d 417d 08e4a312 ext4: validate the debug_want_extra_isize mount option at parse time
KASAN: slab-out-of-bounds Read in __nla_put_nohdr C done 2 451d 451d 421d c5fd8a37 net-sysfs: Fix reference count leak
KASAN: slab-out-of-bounds Write in setup_udp_tunnel_sock C done 1 455d 455d 424d c57b0f88 Documentation: Document arm64 kpti control
KASAN: use-after-free Read in snd_timer_resolution C done 1 457d 457d 427d 43bb0a16 ALSA: seq: Fix racy access for queue timer in proc read
INFO: task hung in genl_rcv_msg syz done 2 461d 461d 431d 24070b40 tcp: clear tp->total_retrans in tcp_disconnect()
WARNING in reconnect_path C done done 1 463d 523d 432d b6e209a1 exportfs: fix 'passing zero to ERR_PTR()' warning
KASAN: use-after-free Write in __alloc_skb C done 1 466d 497d 433d e8412528 net: rtnetlink: validate IFLA_MTU attribute in rtnl_create_link()
KASAN: use-after-free Read in cdev_put C done 6 466d 510d 436d 0ce254bc xen-blkback: prevent premature module unload
KASAN: slab-out-of-bounds Read in macvlan_broadcast C done 6 468d 472d 437d 4a953272 macvlan: do not assume mac_header is set in macvlan_broadcast()
KASAN: use-after-free Read in macvlan_broadcast C done 8 469d 472d 439d 4a953272 macvlan: do not assume mac_header is set in macvlan_broadcast()
WARNING: bad unlock balance in gtp_encap_enable_socket C done 2 470d 472d 439d 887b0296 gtp: fix bad unlock balance in gtp_encap_enable_socket
KASAN: slab-out-of-bounds Read in bpf_skb_change_tail C done 2 475d 621d 442d 7fed98f4 bpf: reject passing modified ctx to helper functions
KASAN: slab-out-of-bounds Read in bpf_skb_change_proto C done 2 475d 622d 442d 7fed98f4 bpf: reject passing modified ctx to helper functions
KASAN: slab-out-of-bounds Read in bpf_clone_redirect C done 11 481d 643d 450d 7fed98f4 bpf: reject passing modified ctx to helper functions
KASAN: slab-out-of-bounds Read in bpf_skb_change_head C done 2 485d 554d 453d 7fed98f4 bpf: reject passing modified ctx to helper functions
possible deadlock in refcount_dec_and_mutex_lock C done 10 484d 556d 453d 4df72865 nbd: verify socket is supported during setup
WARNING: refcount bug in cdev_get C done 21 485d 615d 455d 03a70959 net: usb: lan78xx: Connect PHY before registering MAC
INFO: rcu detected stall in br_handle_frame (2) C done 1 490d 490d 459d 73a6f18d pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM
WARNING in ovl_rename syz done 2 493d 726d 460d 6890751c ovl: relax WARN_ON() on rename to self
inconsistent lock state in sp_get C done 2 497d 497d 467d 8b58905f 6pack,mkiss: fix possible deadlock
KASAN: slab-out-of-bounds Read in linear_transfer C done 4 499d 506d 468d 2a76606d ALSA: pcm: oss: Avoid potential buffer overflows
possible deadlock in __might_fault C done 295 500d 741d 470d d4197149 usb: mon: Fix a deadlock in usbmon between mmap and read
possible deadlock in mon_bin_vma_fault C done 282 502d 737d 471d d4197149 usb: mon: Fix a deadlock in usbmon between mmap and read
WARNING: refcount bug in kobject_get C done 20 506d 740d 476d 227db8e4 tipc: fix unlimited bundling of small messages
WARNING in refcount_error_report syz done 1 508d 508d 476d 7272e8e3 inet: protect against too small mtu values.
BUG: corrupted list in p9_fd_cancelled syz done 2 507d 553d 476d 8a82aee7 arm64: Add MIDR encoding for Arm Cortex-A55 and Cortex-A35
BUG: unable to handle kernel paging request in slhc_free C done 4 511d 738d 479d da0bbf51 slip: make slhc_free() silently accept an error pointer
WARNING in dio_complete C done 27 511d 740d 479d 365874a0 blk-mq: avoid sysfs buffer overflow with too many CPU cores
KASAN: use-after-free Read in slip_open C done done 2 514d 514d 482d f5bcc687 slip: Fix use-after-free Read in slip_open
KASAN: use-after-free Read in kfree_skb C done 98 512d 639d 482d 79d404a2 Bluetooth: Fix invalid-free in bcsp_close()
INFO: task hung in nbd_ioctl C done 18 483d 557d 482d 4df72865 nbd: verify socket is supported during setup
WARNING: suspicious RCU usage in shmem_add_seals C done done 1435 519d 542d 489d 988f701a memfd: Use radix_tree_deref_slot_protected to avoid the warning.
possible deadlock in flush_workqueue C done 15 522d 614d 491d 4df72865 nbd: verify socket is supported during setup
WARNING in bpf_jit_free syz done 60 564d 737d 492d 47569360 bpf: fix use after free in prog symbol exposure
INFO: task hung in lo_release syz done 128 630d 742d 493d 22f36db4 Revert "block/loop: Use global lock for ioctl() operation."
BUG: unable to handle kernel NULL pointer dereference in inet_autobind C inconclusive done 3133 533d 542d 494d 7c3c0d51 sctp: not bind the socket in sctp_connect
BUG: unable to handle kernel NULL pointer dereference in blk_mq_map_swqueue C done 20 495d 733d 494d 0b584bf5 nbd: fix max number of supported devs
BUG: unable to handle kernel paging request in dummy_set_vf_vlan C done 5 527d 621d 494d 9ed49fc9 net: rtnetlink: prevent underflows in do_setvfinfo()
BUG: unable to handle kernel paging request in dummy_set_vf_spoofchk C done 6 530d 642d 494d 9ed49fc9 net: rtnetlink: prevent underflows in do_setvfinfo()
BUG: unable to handle kernel paging request in dummy_get_vf_config C done 4 546d 644d 496d 9ed49fc9 net: rtnetlink: prevent underflows in do_setvfinfo()
WARNING: suspicious RCU usage in netem_enqueue C done 3 550d 574d 497d 6f492e80 net_sched: add max len check for TCA_KIND
BUG: unable to handle kernel paging request in dummy_set_vf_rss_query_en C done 5 551d 642d 497d 9ed49fc9 net: rtnetlink: prevent underflows in do_setvfinfo()
BUG: unable to handle kernel paging request in dummy_set_vf_mac C done 5 559d 632d 497d 9ed49fc9 net: rtnetlink: prevent underflows in do_setvfinfo()
BUG: unable to handle kernel NULL pointer dereference in tc_bind_tclass C done 14 554d 594d 497d 54b9f579 net_sched: check cops->tcf_block in tc_bind_tclass()
KASAN: null-ptr-deref Write in kvm_write_guest_virt_system C done 53 560d 578d 498d 2890b718 watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout
WARNING in tcp_send_loss_probe C done 22 581d 590d 500d ba2ddb43 tcp: Don't dequeue SYN/FIN-segments from write-queue
general protection fault in tcp_push C done 55 580d 590d 500d f1dcc5ed tcp: Reset send_head when removing skb from write-queue
BUG: unable to handle kernel paging request in dummy_set_vf_rate C done 3 580d 595d 500d 9ed49fc9 net: rtnetlink: prevent underflows in do_setvfinfo()
WARNING in tcp_retransmit_timer C done 215 580d 590d 500d ba2ddb43 tcp: Don't dequeue SYN/FIN-segments from write-queue
general protection fault in qdisc_destroy C done 4 580d 585d 500d e0f600b6 net_sched: let qdisc_put() accept NULL pointer
INFO: rcu detected stall in mld_dad_timer_expire C done 1 586d 586d 500d cc243e24 sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in br_handle_frame C done 15 582d 594d 502d cc243e24 sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
WARNING in kernfs_get C done 17 612d 732d 502d 5432923a driver core: Fix use-after-free and double free on glue directory
INFO: rcu detected stall in mld_ifc_timer_expire C done 9 584d 594d 503d cc243e24 sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
WARNING in xfrm_state_fini C done 193 587d 741d 504d cd393b38 xfrm: clean up xfrm protocol checks
INFO: rcu detected stall in addrconf_dad_work C done 18 587d 594d 504d cc243e24 sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in corrupted C done 3 588d 610d 504d cc243e24 sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
BUG: unable to handle kernel paging request in dummy_set_vf_trust C done 2 595d 629d 505d 9ed49fc9 net: rtnetlink: prevent underflows in do_setvfinfo()
WARNING in map_lookup_elem C done 2 602d 602d 505d 95867919 KVM: x86: add tracepoints around __direct_map and FNAME(fetch)
WARNING: refcount bug in hci_register_dev C done 3 600d 615d 505d 5432923a driver core: Fix use-after-free and double free on glue directory
kernel BUG at ./include/linux/skbuff.h:LINE! C done 16 596d 622d 505d e5df4bae tcp: fix tcp_rtx_queue_tail in case of empty retransmit queue
general protection fault in packet_lookup_frame C done 1 618d 618d 505d 5ac73816 net/packet: fix race in tpacket_snd()
WARNING: refcount bug in kobject_put C done 3 622d 729d 505d 5432923a driver core: Fix use-after-free and double free on glue directory
general protection fault in tcf_ife_init C done 12 633d 643d 506d 7fcc60e5 ife: error out when nla attributes are empty
general protection fault in kernfs_add_one C done 5 630d 699d 506d 5432923a driver core: Fix use-after-free and double free on glue directory
WARNING in sysfs_remove_group C done 1 646d 646d 507d 5432923a driver core: Fix use-after-free and double free on glue directory
BUG: unable to handle kernel paging request in coalesced_mmio_write C done 4 664d 670d 508d bf81752d KVM: coalesced_mmio: add bounds checking
WARNING in kernfs_put C done 2 662d 729d 508d 5432923a driver core: Fix use-after-free and double free on glue directory
KASAN: use-after-free Read in erspan_build_header C done 18 708d 742d 509d 1d629bf9 net: erspan: fix use-after-free
KASAN: slab-out-of-bounds Read in erspan_build_header C done 8 706d 742d 509d d93fb604 tipc: fix modprobe tipc failed after switch order of device registration
WARNING in notify_change C done 14 672d 737d 509d 2c546242 Abort file_remove_privs() for non-reg. files
KASAN: use-after-free Read in tcp_init_tso_segs C 1424 580d 590d 566d f1dcc5ed tcp: Reset send_head when removing skb from write-queue