general protection fault in em_cmp_match
|
C |
|
|
1 |
719d |
719d
|
0/1 |
never |
134b529db48a
net_sched: reject TCF_EM_SIMPLE case for complex ematch module
|
KASAN: use-after-free Read in tc_chain_fill_node
|
C |
|
|
1031 |
638d |
1882d
|
0/1 |
never |
cd25f1099284
net: core: netlink: add helper refcount dec and lock function
da1d324088c4
net: sched: add helper function to take reference to Qdisc
f602ed9f8574
net: sched: extend Qdisc with rcu
92833e8b5db6
net: sched: rename qdisc_destroy() to qdisc_put()
ae214e04b95f
net: sched: use Qdisc rcu API instead of relying on rtnl lock
|
KASAN: use-after-free Read in skb_dequeue (2)
|
C |
|
done |
2 |
1174d |
1204d
|
1/1 |
1144d |
f7bffefa322a
tty: Fix data race between tiocsti() and flush_to_ldisc()
|
KASAN: use-after-free Read in ext4_xattr_set_entry (2)
|
C |
|
done |
7 |
1176d |
1635d
|
1/1 |
1146d |
c481607ba522
ext4: fix race writing to an inline_data file while its xattrs are changing
|
inconsistent lock state in sco_sock_timeout
|
C |
|
done |
19 |
1177d |
1568d
|
1/1 |
1147d |
48669c81a656
Bluetooth: schedule SCO timeouts with delayed_work
|
BUG: sleeping function called from invalid context in lock_sock_nested (2)
|
C |
|
done |
3909 |
1178d |
1271d
|
1/1 |
1147d |
3719acc161d5
Bluetooth: defer cleanup of resources in hci_unregister_dev()
|
KASAN: slab-out-of-bounds Write in ext4_write_inline_data
|
C |
|
done |
3 |
1183d |
1389d
|
1/1 |
1153d |
c481607ba522
ext4: fix race writing to an inline_data file while its xattrs are changing
|
BUG: soft lockup in tx
|
C |
|
done |
1 |
1186d |
1216d
|
1/1 |
1155d |
7c113506163a
fq_codel: reject silly quantum parameters
|
BUG: corrupted list in kobject_add_internal
|
C |
|
done |
2 |
1190d |
1437d
|
1/1 |
1159d |
3f7b869c1b44
Bluetooth: avoid circular locks in sco_sock_connect
|
kernel BUG in kvm_hv_set_msr_common
|
syz |
|
done |
2 |
1190d |
1220d
|
1/1 |
1160d |
41d2efaed5bd
KVM: remember position in kvm->vcpus array
|
BUG: unable to handle kernel paging request in do_syscall_64
|
C |
|
done |
3 |
1195d |
1714d
|
1/1 |
1163d |
6be10fb6c143
fbmem: add margin check to fb_check_caps()
|
general protection fault in do_syscall_64 (2)
|
syz |
|
done |
2 |
1194d |
1528d
|
1/1 |
1163d |
6be10fb6c143
fbmem: add margin check to fb_check_caps()
|
KASAN: use-after-free Read in ip_check_mc_rcu
|
syz |
|
done |
7 |
1197d |
1348d
|
1/1 |
1163d |
4768973dffed
igmp: Add ip_mc_list lock in ip_check_mc_rcu
|
KASAN: slab-out-of-bounds Write in decode_data
|
C |
|
done |
1 |
1198d |
1744d
|
1/1 |
1167d |
4e370cc081a7
net: 6pack: fix slab-out-of-bounds in decode_data
|
INFO: task hung in do_fb_ioctl (2)
|
C |
|
done |
7 |
1198d |
1613d
|
1/1 |
1168d |
6be10fb6c143
fbmem: add margin check to fb_check_caps()
|
BUG: unable to handle kernel paging request in do_csum
|
C |
|
done |
1 |
1198d |
1417d
|
1/1 |
1168d |
c33471daf276
ip_gre: add validation for csum_start
|
BUG: unable to handle kernel NULL pointer dereference in __lookup_slow (2)
|
C |
|
done |
15 |
1208d |
1331d
|
1/1 |
1176d |
df2f583b6363
reiserfs: add check for root_inode in reiserfs_fill_super
|
KASAN: use-after-free Read in search_by_entry_key (2)
|
C |
|
done |
2 |
1209d |
1359d
|
1/1 |
1178d |
df2f583b6363
reiserfs: add check for root_inode in reiserfs_fill_super
|
KASAN: use-after-free Read in __queue_work
|
syz |
|
done |
5 |
1210d |
1582d
|
1/1 |
1179d |
3719acc161d5
Bluetooth: defer cleanup of resources in hci_unregister_dev()
|
WARNING in close_fs_devices
|
C |
|
done |
105 |
1220d |
1538d
|
1/1 |
1190d |
4c97ed4332be
ocfs2: fix zero out valid data
|
possible deadlock in cleanup_net
|
C |
|
done |
5212 |
1221d |
1483d
|
1/1 |
1190d |
3719acc161d5
Bluetooth: defer cleanup of resources in hci_unregister_dev()
|
possible deadlock in __sock_release
|
C |
|
done |
57446 |
1221d |
1483d
|
1/1 |
1190d |
7d2c0c0516e6
PCI: Leave Apple Thunderbolt controllers on for s2idle or standby
|
KASAN: use-after-free Write in hci_sock_bind
|
C |
|
done |
12 |
1226d |
1786d
|
1/1 |
1194d |
3719acc161d5
Bluetooth: defer cleanup of resources in hci_unregister_dev()
|
kernel BUG at drivers/dma-buf/dma-buf.c:LINE!
|
syz |
|
done |
1 |
1224d |
1707d
|
1/1 |
1194d |
020a44cc54d6
drm: Return -ENOTTY for non-drm ioctls
|
unexpected kernel reboot
|
C |
|
done |
684 |
1233d |
2009d
|
1/1 |
1203d |
da84e8e9290e
KVM: x86: determine if an exception has an error code only when injecting it.
|
KASAN: use-after-free Read in reservation_object_test_signaled_rcu
|
C |
|
done |
4 |
1233d |
1468d
|
1/1 |
1203d |
020a44cc54d6
drm: Return -ENOTTY for non-drm ioctls
|
BUG: unable to handle kernel paging request in diFree
|
C |
|
done |
18 |
1233d |
1525d
|
1/1 |
1203d |
aff8d95b6905
jfs: fix GPF in diFree
|
KASAN: use-after-free Read in hci_chan_del
|
C |
|
done |
24 |
1236d |
1582d
|
1/1 |
1205d |
35113c4c9fa7
bluetooth: eliminate the potential race condition when removing the HCI controller
|
WARNING in drm_prime_destroy_file_private
|
syz |
|
done |
6 |
1235d |
1426d
|
1/1 |
1205d |
020a44cc54d6
drm: Return -ENOTTY for non-drm ioctls
|
divide error in do_journal_end (2)
|
C |
|
done |
4 |
1240d |
1350d
|
1/1 |
1208d |
47b4b8f0d378
reiserfs: add check for invalid 1st journal block
|
general protection fault in mount_fs
|
C |
|
done |
12 |
1239d |
1470d
|
1/1 |
1208d |
5485fe228f97
ext4: return error code when ext4_fill_flex_info() fails
|
WARNING: suspicious RCU usage in vxlan_xmit
|
C |
|
done |
1 |
1244d |
1244d
|
1/1 |
1214d |
f80201ff7937
vxlan: add missing rcu_read_lock() in neigh_reduce()
|
WARNING in batadv_iv_send_outstanding_bat_ogm_packet
|
C |
|
done |
373 |
1251d |
1867d
|
1/1 |
1221d |
e8e9d2968a9d
batman-adv: Avoid WARN_ON timing related checks
|
general protection fault in ieee802154_llsec_parse_dev_addr
|
C |
|
done |
32 |
1254d |
1373d
|
1/1 |
1224d |
00b16396ad26
HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for Saitek X65
|
KASAN: use-after-free Read in qfq_search_class
|
C |
|
done |
2 |
1257d |
1744d
|
1/1 |
1227d |
98fd088c3254
pkt_sched: sch_qfq: fix qfq_change_class() error path
|
KASAN: use-after-free Read in ntfs_iget (2)
|
C |
|
done |
1 |
1259d |
1259d
|
1/1 |
1228d |
00f00f5db888
ntfs: fix validity check for file name attribute
|
WARNING in sta_apply_parameters
|
C |
|
done |
1 |
1259d |
1486d
|
1/1 |
1229d |
25487a5ff100
mac80211: remove warning in ieee80211_get_sband()
|
WARNING in sta_info_alloc
|
C |
|
done |
15 |
1262d |
1518d
|
1/1 |
1231d |
25487a5ff100
mac80211: remove warning in ieee80211_get_sband()
|
KASAN: null-ptr-deref Write in vhci_shutdown_connection
|
syz |
|
done |
498 |
1265d |
1446d
|
1/1 |
1232d |
d42c3ebb3156
can: bcm/raw/isotp: use per module netdevice notifier
|
WARNING in process_one_work
|
C |
|
done |
9 |
1267d |
1832d
|
1/1 |
1237d |
e8e9d2968a9d
batman-adv: Avoid WARN_ON timing related checks
|
general protection fault in try_to_wake_up
|
syz |
|
done |
229 |
1268d |
1355d
|
1/1 |
1237d |
d42c3ebb3156
can: bcm/raw/isotp: use per module netdevice notifier
|
WARNING: ODEBUG bug in slave_kobj_release
|
C |
|
done |
28 |
1273d |
1449d
|
1/1 |
1243d |
f583748c2a4a
bonding: init notify_work earlier to avoid uninitialized use
|
KASAN: use-after-free Read in drm_getunique
|
syz |
|
done |
2 |
1286d |
1453d
|
1/1 |
1255d |
7d233ba700ce
drm: Fix use-after-free read in drm_getunique()
|
BUG: unable to handle kernel NULL pointer dereference in corrupted
|
C |
|
done |
6 |
1287d |
1869d
|
1/1 |
1256d |
93e4ac2a9979
nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect
|
KASAN: global-out-of-bounds Read in soft_cursor
|
C |
|
done |
22 |
1287d |
1754d
|
1/1 |
1257d |
8c5ec4a731e1
vt: Fix character height handling with VT_RESIZEX
|
KASAN: global-out-of-bounds Read in bit_putcs
|
C |
|
done |
214 |
1287d |
1824d
|
1/1 |
1257d |
8c5ec4a731e1
vt: Fix character height handling with VT_RESIZEX
|
WARNING: ODEBUG bug in cancel_delayed_work
|
C |
|
done |
1226 |
1290d |
1585d
|
1/1 |
1258d |
02f681a5e827
Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default
|
KASAN: use-after-free Read in hci_send_acl
|
C |
|
done |
3 |
1291d |
1582d
|
1/1 |
1258d |
75e26178e26f
Bluetooth: verify AMP hci_chan before amp_destroy
|
KASAN: use-after-free Read in nfc_llcp_sock_unlink
|
C |
|
done |
22 |
1290d |
1328d
|
1/1 |
1258d |
48fba458fe54
net/nfc: fix use-after-free llcp_sock_bind/connect
|
WARNING in hsr_addr_subst_dest
|
C |
|
done |
3099 |
1290d |
2059d
|
1/1 |
1258d |
40fa36443db3
hsr: use netdev_err() instead of WARN_ONCE()
|
KASAN: slab-out-of-bounds Read in soft_cursor (2)
|
C |
|
done |
8 |
1290d |
1412d
|
1/1 |
1258d |
8c5ec4a731e1
vt: Fix character height handling with VT_RESIZEX
|
possible deadlock in tty_port_close_start
|
C |
|
done |
47 |
1296d |
1761d
|
1/1 |
1265d |
1f51881e2dcc
ttyprintk: Add TTY hangup callback.
|
KASAN: null-ptr-deref Read in llcp_sock_getname
|
C |
|
|
37 |
1299d |
1859d
|
1/1 |
1271d |
93e4ac2a9979
nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect
|
kernel BUG in z_erofs_map_blocks_iter
|
syz |
|
done |
10 |
1311d |
1372d
|
1/1 |
1281d |
006270aa8f9c
erofs: add unsupported inode i_format check
|
kernel BUG at fs/inode.c:LINE! (2)
|
C |
|
done |
5 |
1315d |
1454d
|
1/1 |
1283d |
006270aa8f9c
erofs: add unsupported inode i_format check
|
general protection fault in __queue_work
|
syz |
|
done |
1 |
1315d |
1563d
|
1/1 |
1283d |
35113c4c9fa7
bluetooth: eliminate the potential race condition when removing the HCI controller
|
general protection fault in nl802154_del_llsec_devkey
|
C |
|
done |
110 |
1328d |
1388d
|
1/1 |
1297d |
22e025c1733b
net: ieee802154: fix nl802154 del llsec devkey
|
general protection fault in nl802154_add_llsec_key
|
C |
|
done |
106 |
1328d |
1383d
|
1/1 |
1297d |
bdd1d2784ad3
net: ieee802154: fix nl802154 add llsec key
|
general protection fault in nl802154_del_llsec_key
|
C |
|
done |
91 |
1328d |
1381d
|
1/1 |
1297d |
79ba55c0e7a7
net: ieee802154: fix nl802154 del llsec key
|
general protection fault in ieee802154_llsec_parse_key_id
|
C |
|
done |
64 |
1329d |
1379d
|
1/1 |
1298d |
5983b9de012e
net: ieee802154: nl-mac: fix check on panid
|
WARNING in cfg80211_connect
|
C |
|
done |
336 |
1328d |
1523d
|
1/1 |
1298d |
ee1a5262eb01
cfg80211: remove WARN_ON() in cfg80211_sme_connect
|
general protection fault in nl802154_del_llsec_dev
|
C |
|
done |
70 |
1330d |
1386d
|
1/1 |
1299d |
3fe0c0485a29
net: ieee802154: fix nl802154 del llsec dev
|
general protection fault in crypto_destroy_tfm
|
syz |
|
done |
12 |
1331d |
1375d
|
1/1 |
1300d |
b58bb4eaa0c2
drivers: net: fix memory leak in peak_usb_create_dev
|
BUG: sleeping function called from invalid context in htb_destroy
|
C |
|
done |
2 |
1350d |
1872d
|
1/1 |
1320d |
66f6f4094ff2
net: sched: validate stab values
|
possible deadlock in red_change
|
C |
|
done |
10 |
1352d |
1592d
|
1/1 |
1321d |
66f6f4094ff2
net: sched: validate stab values
|
BUG: unable to handle kernel NULL pointer dereference in __lookup_slow
|
C |
|
done |
23 |
1364d |
1522d
|
1/1 |
1332d |
b8590c82b3cc
reiserfs: add check for an invalid ih_entry_count
|
WARNING in ext4_xattr_set_entry
|
C |
|
done |
12 |
1365d |
1499d
|
1/1 |
1335d |
a8fb57ec924f
ext4: do not try to set xattr into ea_inode if value is empty
|
BUG: unable to handle kernel NULL pointer dereference in amp_read_loc_assoc_final_data
|
C |
|
done |
114 |
1369d |
1585d
|
1/1 |
1335d |
99c2c8b009c4
Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data
|
KASAN: use-after-free Read in skb_dequeue
|
syz |
|
done |
1 |
1377d |
1581d
|
1/1 |
1343d |
c1a77dbcaa2d
btrfs: raid56: simplify tracking of Q stripe presence
|
KASAN: use-after-free Read in ntfs_iget
|
C |
|
done |
1 |
1376d |
1436d
|
1/1 |
1343d |
23e895868b51
ntfs: check for valid standard information attribute
|
KASAN: use-after-free Read in ntfs_read_locked_inode
|
C |
|
done |
2 |
1379d |
1529d
|
1/1 |
1349d |
23e895868b51
ntfs: check for valid standard information attribute
|
kernel BUG in pfkey_send_acquire
|
C |
|
done |
56 |
1385d |
1415d
|
1/1 |
1355d |
fa137b50f326
block: split .sysfs_lock into two locks
|
general protection fault in ioctl_standard_call
|
C |
|
done |
23 |
1389d |
1503d
|
1/1 |
1358d |
3f33e522a07f
wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
|
KASAN: slab-out-of-bounds Read in squashfs_export_iget
|
C |
|
done |
5 |
1401d |
1501d
|
1/1 |
1370d |
a6f933a30363
squashfs: add more sanity checks in inode lookup
|
general protection fault in ieee80211_subif_start_xmit
|
C |
|
done |
4 |
1405d |
1447d
|
1/1 |
1371d |
b26b5e086157
mac80211: pause TX while changing interface type
|
UBSAN: undefined-behaviour in tcindex_set_parms
|
C |
|
done |
39 |
1417d |
1532d
|
1/1 |
1379d |
22c1b22672f3
net_sched: avoid shift-out-of-bounds in tcindex_set_parms()
|
kernel BUG at fs/reiserfs/prints.c:LINE!
|
C |
|
done |
5 |
1427d |
1518d
|
1/1 |
1380d |
b8590c82b3cc
reiserfs: add check for an invalid ih_entry_count
|
KASAN: use-after-free Read in search_by_entry_key
|
C |
|
done |
1 |
1427d |
1518d
|
1/1 |
1381d |
b8590c82b3cc
reiserfs: add check for an invalid ih_entry_count
|
KASAN: slab-out-of-bounds Read in squashfs_get_id
|
C |
|
|
58 |
1386d |
1530d
|
1/1 |
1382d |
e5099c0e851a
squashfs: add more sanity checks in id lookup
|
KASAN: use-after-free Read in squashfs_get_id
|
C |
|
|
3 |
1426d |
1479d
|
1/1 |
1382d |
e5099c0e851a
squashfs: add more sanity checks in id lookup
|
KASAN: use-after-free Read in tls_write_space
|
C |
|
done |
25 |
1433d |
2058d
|
1/1 |
1403d |
d71f3fb99620
net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails
|
divide error in do_journal_end
|
C |
|
done |
2 |
1435d |
1496d
|
1/1 |
1405d |
b8590c82b3cc
reiserfs: add check for an invalid ih_entry_count
|
general protection fault in dqput
|
C |
|
done |
2 |
1436d |
1450d
|
1/1 |
1406d |
7bae84821b47
quota: Sanity-check quota file headers on load
|
WARNING in md_ioctl
|
C |
|
done |
199 |
1436d |
2053d
|
1/1 |
1406d |
b85abab5913d
md: fix a warning caused by a race between concurrent md_ioctl()s
|
general protection fault in hci_phy_link_complete_evt
|
C |
|
done |
28 |
1441d |
1583d
|
1/1 |
1409d |
abae100355c0
Bluetooth: Fix null pointer dereference in hci_event_packet()
|
KASAN: use-after-free Read in leaf_paste_entries
|
C |
|
done |
1 |
1444d |
1444d
|
1/1 |
1412d |
b8590c82b3cc
reiserfs: add check for an invalid ih_entry_count
|
general protection fault in hci_event_packet
|
C |
|
done |
3 |
1444d |
1510d
|
1/1 |
1414d |
abae100355c0
Bluetooth: Fix null pointer dereference in hci_event_packet()
|
KASAN: slab-out-of-bounds Read in hci_le_meta_evt
|
C |
|
done |
12 |
1444d |
1585d
|
1/1 |
1414d |
61490c481c61
Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt()
|
KASAN: use-after-free Read in reiserfs_read_locked_inode
|
C |
|
done |
4 |
1447d |
1529d
|
1/1 |
1417d |
b8590c82b3cc
reiserfs: add check for an invalid ih_entry_count
|
INFO: task hung in rdma_destroy_id
|
C |
|
done |
2 |
1448d |
1478d
|
1/1 |
1418d |
014133611851
usb: uas: Add PNY USB Portable SSD to unusual_uas
|
INFO: task hung in do_read_cache_page
|
C |
|
done |
2 |
1449d |
1510d
|
1/1 |
1419d |
8e63266b0d42
fcntl: Fix potential deadlock in send_sig{io, urg}()
|
BUG: unable to handle kernel paging request in dquot_add_space
|
C |
|
done |
1 |
1451d |
1511d
|
1/1 |
1419d |
7bae84821b47
quota: Sanity-check quota file headers on load
|
BUG: unable to handle kernel paging request in dqput
|
C |
|
done |
8 |
1450d |
1519d
|
1/1 |
1419d |
7bae84821b47
quota: Sanity-check quota file headers on load
|
general protection fault in gfs2_ri_update
|
C |
|
done |
28 |
1455d |
1531d
|
1/1 |
1423d |
6790f8b9370b
gfs2: check for empty rgrp tree in gfs2_ri_update
|
KASAN: use-after-free Write in sco_chan_del
|
C |
|
done |
10 |
1458d |
1582d
|
1/1 |
1427d |
abae100355c0
Bluetooth: Fix null pointer dereference in hci_event_packet()
|
KASAN: use-after-free Read in btrfs_scan_one_device
|
C |
|
done |
43 |
1462d |
1538d
|
1/1 |
1432d |
aec62fa475af
btrfs: don't access possibly stale fs_info data for printing duplicate device
|
BUG: sleeping function called from invalid context in corrupted
|
C |
|
done |
2 |
1469d |
1470d
|
1/1 |
1438d |
499b109be688
mac80211: free sta in sta_info_insert_finish() on errors
|
BUG: sleeping function called from invalid context in sta_info_move_state
|
C |
|
done |
760 |
1469d |
1471d
|
1/1 |
1438d |
499b109be688
mac80211: free sta in sta_info_insert_finish() on errors
|
KASAN: slab-out-of-bounds Read in ntfs_attr_find
|
C |
|
done |
10 |
1470d |
1527d
|
1/1 |
1440d |
dff5d7741195
ntfs: add check for mft record size in superblock
|
general protection fault in rose_send_frame
|
C |
|
done |
5 |
1474d |
2052d
|
1/1 |
1440d |
731b9890a7f1
rose: Fix Null pointer dereference in rose_send_frame()
|
KASAN: slab-out-of-bounds Read in soft_cursor
|
C |
|
done |
61 |
1488d |
1826d
|
1/1 |
1457d |
3e1600cc10df
ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled
|
KASAN: use-after-free Read in debugfs_remove
|
C |
|
done |
15 |
1492d |
1989d
|
1/1 |
1462d |
8a78b4c0d629
blktrace: fix debugfs use after free
|
UBSAN: undefined-behaviour in init_sb
|
C |
|
done |
2 |
1495d |
1527d
|
1/1 |
1464d |
6a253f385a2d
gfs2: add validation checks for size of superblock
|
WARNING in unlock_new_inode
|
C |
|
done |
66 |
1495d |
1533d
|
1/1 |
1464d |
7a1e074bc18d
reiserfs: only call unlock_new_inode() if I_NEW
|
KASAN: use-after-free Read in tipc_mcast_xmit
|
C |
|
done |
3 |
1495d |
1519d
|
1/1 |
1465d |
26217e062f97
tipc: fix the skb_unshare() in tipc_buf_append()
|
KASAN: global-out-of-bounds Read in fb_pad_aligned_buffer
|
C |
|
done |
5 |
1496d |
1821d
|
1/1 |
1465d |
6612b754ac0c
vt: Disable KD_FONT_OP_COPY
|
KASAN: use-after-free Read in ntfs_attr_find
|
C |
|
done |
13 |
1496d |
1527d
|
1/1 |
1466d |
dff5d7741195
ntfs: add check for mft record size in superblock
|
divide error in tabledist
|
C |
|
done |
3 |
1506d |
1863d
|
1/1 |
1476d |
95ba2236b8e6
netem: fix zero division in tabledist
|
general protection fault in qp_release_pages
|
C |
|
done |
4 |
1507d |
1509d
|
1/1 |
1476d |
0b02a4325780
VMCI: check return value of get_user_pages_fast() for errors
|
UBSAN: undefined-behaviour in tabledist
|
C |
|
done |
2 |
1515d |
1515d
|
1/1 |
1483d |
95ba2236b8e6
netem: fix zero division in tabledist
|
KASAN: global-out-of-bounds Read in fbcon_get_font
|
C |
|
done |
47 |
1514d |
1826d
|
1/1 |
1483d |
43198a5b1c42
fbcon: Fix global-out-of-bounds read in fbcon_get_font()
|
KASAN: slab-out-of-bounds Read in fbcon_get_font
|
C |
|
done |
97 |
1518d |
1826d
|
1/1 |
1488d |
1221d11e5c35
vt_ioctl: change VT_RESIZEX ioctl to check for error return from vc_resize()
|
general protection fault in get_unique_tuple
|
C |
|
done |
33 |
1519d |
1780d
|
1/1 |
1488d |
289fe546ea16
netfilter: ctnetlink: add a range check for l3/l4 protonum
|
general protection fault in nf_nat_setup_info
|
C |
|
done |
22 |
1523d |
1615d
|
1/1 |
1493d |
289fe546ea16
netfilter: ctnetlink: add a range check for l3/l4 protonum
|
KASAN: use-after-free Read in soft_cursor
|
C |
|
done |
16 |
1528d |
1825d
|
1/1 |
1497d |
76fe92986c5c
fbcon: Fix user font detection test at fbcon_resize().
|
KASAN: global-out-of-bounds Read in get_unique_tuple
|
C |
|
done |
1 |
1528d |
1769d
|
1/1 |
1498d |
289fe546ea16
netfilter: ctnetlink: add a range check for l3/l4 protonum
|
KASAN: global-out-of-bounds Read in fbcon_resize
|
C |
|
done |
286 |
1531d |
1551d
|
1/1 |
1500d |
76fe92986c5c
fbcon: Fix user font detection test at fbcon_resize().
|
general protection fault in __sock_release
|
syz |
|
done |
8 |
1545d |
1557d
|
1/1 |
1515d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
WARNING in snd_pcm_plugin_build_mulaw
|
C |
|
done |
2 |
1547d |
1557d
|
1/1 |
1516d |
569e1b621797
ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check
|
KASAN: use-after-free Read in seq_release_private
|
syz |
|
done |
1 |
1546d |
1546d
|
1/1 |
1516d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
WARNING: ODEBUG bug in get_signal
|
syz |
|
done |
3 |
1548d |
1558d
|
1/1 |
1517d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
WARNING in snd_pcm_drop
|
syz |
|
done |
1 |
1549d |
1549d
|
1/1 |
1517d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
WARNING: ODEBUG bug in exit_to_usermode_loop
|
syz |
|
done |
2 |
1548d |
1550d
|
1/1 |
1517d |
dff6a2c2828b
nvmet-fc: Fix a missed _irqsave version of spin_lock in 'nvmet_fc_fod_op_done()'
|
general protection fault in tty_release
|
C |
|
done |
9 |
1549d |
1556d
|
1/1 |
1519d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
KASAN: use-after-free Write in __sock_release
|
syz |
|
done |
1 |
1551d |
1551d
|
1/1 |
1520d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
KASAN: use-after-free Read in locks_remove_file
|
syz |
|
done |
4 |
1550d |
1558d
|
1/1 |
1520d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
KASAN: use-after-free Read in cuse_channel_release
|
syz |
|
done |
1 |
1552d |
1552d
|
1/1 |
1521d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
KASAN: use-after-free Read in __fput
|
syz |
|
done |
1 |
1552d |
1552d
|
1/1 |
1521d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
KASAN: use-after-free Write in ex_handler_refcount
|
C |
|
done |
11 |
1552d |
1761d
|
1/1 |
1522d |
29e1dfcd5150
Bluetooth: add a mutex lock to avoid UAF in do_enale_set
|
kernel BUG at include/linux/fs.h:LINE!
|
syz |
|
done |
1 |
1552d |
1552d
|
1/1 |
1522d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
KASAN: use-after-free Read in snd_pcm_oss_release
|
syz |
|
done |
1 |
1552d |
1552d
|
1/1 |
1522d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
kernel BUG at fs/inode.c:LINE!
|
syz |
|
done |
2 |
1553d |
1582d
|
1/1 |
1522d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
KASAN: invalid-free in vcs_release
|
syz |
|
done |
1 |
1553d |
1553d
|
1/1 |
1523d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
KASAN: use-after-free Read in fbcon_cursor
|
syz |
|
done |
4 |
1554d |
1814d
|
1/1 |
1524d |
770adb5d2b8e
fbcon: remove soft scrollback code
|
BUG: corrupted list in mousedev_release
|
syz |
|
done |
1 |
1554d |
1554d
|
1/1 |
1524d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
KASAN: use-after-free Read in eventfd_release
|
syz |
|
done |
1 |
1556d |
1556d
|
1/1 |
1525d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
INFO: trying to register non-static key in uhid_char_release
|
C |
|
done |
3 |
1556d |
1578d
|
1/1 |
1525d |
abae259fdccc
HID: core: Correctly handle ReportSize being zero
|
WARNING in corrupted (2)
|
C |
|
done |
1 |
1557d |
1557d
|
1/1 |
1526d |
569e1b621797
ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check
|
INFO: trying to register non-static key in uhid_dev_destroy
|
C |
|
done |
14 |
1564d |
1732d
|
1/1 |
1534d |
abae259fdccc
HID: core: Correctly handle ReportSize being zero
|
KASAN: slab-out-of-bounds Read in vcs_scr_readw
|
C |
|
inconclusive |
80 |
1816d |
1826d
|
1/1 |
1536d |
627f3b9e4dd8
vcs: prevent write access to vcsu devices
|
WARNING in inc_nlink
|
C |
|
done |
8 |
1566d |
1715d
|
1/1 |
1536d |
169f7f37bd6b
fs/minix: don't allow getting deleted inodes
|
BUG: unable to handle kernel NULL pointer dereference in get_block
|
C |
|
done |
60 |
1570d |
1721d
|
1/1 |
1539d |
954fc7da99a9
fs/minix: reject too-large maximum file size
|
KASAN: slab-out-of-bounds Read in get_block
|
C |
|
done |
3 |
1573d |
1689d
|
1/1 |
1542d |
954fc7da99a9
fs/minix: reject too-large maximum file size
|
KASAN: use-after-free Read in get_block
|
C |
|
done |
6 |
1573d |
1705d
|
1/1 |
1543d |
954fc7da99a9
fs/minix: reject too-large maximum file size
|
KASAN: slab-out-of-bounds Read in hci_event_packet
|
C |
|
done |
15 |
1574d |
1784d
|
1/1 |
1543d |
8c4a649c20fe
Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
|
KASAN: slab-out-of-bounds Read in bacpy
|
C |
|
done |
3 |
1579d |
2041d
|
1/1 |
1545d |
8c4a649c20fe
Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
|
KASAN: slab-out-of-bounds Read in hci_extended_inquiry_result_evt
|
C |
|
done |
6 |
1578d |
1612d
|
1/1 |
1545d |
8c4a649c20fe
Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
|
KASAN: null-ptr-deref Read in drm_dp_aux_dev_get_by_minor
|
C |
|
done |
1 |
1578d |
1638d
|
1/1 |
1545d |
954fc7da99a9
fs/minix: reject too-large maximum file size
|
KASAN: slab-out-of-bounds Read in hci_inquiry_result_with_rssi_evt
|
C |
|
done |
4 |
1577d |
1606d
|
1/1 |
1545d |
48f70ecd6a22
Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt()
|
KASAN: use-after-free Read in l2cap_chan_close
|
C |
|
done |
8 |
1578d |
1761d
|
1/1 |
1545d |
29e1dfcd5150
Bluetooth: add a mutex lock to avoid UAF in do_enale_set
|
BUG: unable to handle kernel NULL pointer dereference in do_syscall_64 (2)
|
C |
|
done |
4 |
1582d |
1595d
|
1/1 |
1551d |
dd58bd1b95b7
fbdev: Detect integer underflow at "struct fbcon_ops"->clear_margins.
|
divide error in fbcon_switch
|
C |
|
done |
259 |
1587d |
1826d
|
1/1 |
1552d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
general protection fault in do_con_write
|
C |
|
done |
3008 |
1587d |
1826d
|
1/1 |
1552d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
kernel BUG at fs/buffer.c:LINE!
|
syz |
|
done |
23 |
1583d |
2036d
|
1/1 |
1552d |
954fc7da99a9
fs/minix: reject too-large maximum file size
|
general protection fault in free_netdev
|
C |
|
done |
99 |
1585d |
1615d
|
1/1 |
1552d |
abcf95e000b4
ip6_gre: fix null-ptr-deref in ip6gre_init_net()
|
BUG: unable to handle kernel paging request in do_con_trol
|
C |
|
done |
36 |
1587d |
1820d
|
1/1 |
1557d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
WARNING in snd_info_get_line
|
C |
|
done |
23 |
1587d |
1600d
|
1/1 |
1557d |
0c9d4b18bb8a
ALSA: info: Drop WARN_ON() from buffer NULL sanity check
|
BUG: unable to handle kernel paging request in insert_char
|
C |
|
done |
46 |
1601d |
1821d
|
1/1 |
1571d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
INFO: task hung in __flush_work
|
syz |
|
done |
6 |
1603d |
2052d
|
1/1 |
1572d |
af224c2eeda2
net/9p: validate fds in p9_fd_open
|
KASAN: null-ptr-deref Read in do_con_trol
|
C |
|
done |
1 |
1603d |
1753d
|
1/1 |
1572d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
KASAN: null-ptr-deref Read in insert_char
|
C |
|
done |
3 |
1604d |
1799d
|
1/1 |
1573d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
KASAN: user-memory-access Read in insert_char
|
C |
|
done |
2 |
1606d |
1819d
|
1/1 |
1575d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
BUG: unable to handle kernel paging request in csi_J
|
C |
|
done |
3 |
1614d |
1782d
|
1/1 |
1583d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
BUG: unable to handle kernel NULL pointer dereference in generic_perform_write (2)
|
C |
|
done |
1 |
1625d |
1715d
|
1/1 |
1595d |
5dbb625573ab
ext4: avoid race conditions when remounting with options that change dax
|
WARNING in enqueue_task_dl
|
syz |
|
done |
1 |
1633d |
1962d
|
1/1 |
1602d |
edf55b5e3bde
sched/deadline: Initialize ->dl_boosted
|
general protection fault in batadv_iv_ogm_schedule_buff
|
|
|
|
6 |
1721d |
1777d
|
1/1 |
1607d |
bf0ef794e197
batman-adv: Don't schedule OGM for disabled interface
|
general protection fault in fq_codel_enqueue
|
C |
|
done |
5 |
1655d |
1683d
|
1/1 |
1625d |
8920e8ae16a8
net: check untrusted gso_size at kernel entry
|
kernel BUG at arch/x86/mm/physaddr.c:LINE! (2)
|
C |
|
done |
82 |
1656d |
1796d
|
1/1 |
1625d |
a3da2984a40b
vt: fix unicode console freeing with a common interface
|
INFO: trying to register non-static key in hci_uart_flush
|
syz |
|
done |
4 |
1660d |
1904d
|
1/1 |
1630d |
8efa59fc90a5
netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build
|
KASAN: use-after-free Write in snd_rawmidi_kernel_write1
|
C |
|
done |
1 |
1662d |
1692d
|
1/1 |
1631d |
a507658fdb2a
ALSA: rawmidi: Fix racy buffer resize under concurrent accesses
|
KASAN: null-ptr-deref Write in choke_reset
|
C |
|
done |
236 |
1663d |
1688d
|
1/1 |
1633d |
1733fe42d94c
USB: serial: garmin_gps: add sanity checking for data length
|
KASAN: use-after-free Read in rdma_listen
|
syz |
|
done |
143 |
1694d |
2006d
|
1/1 |
1664d |
abc4ea7f1345
RDMA/ucma: Put a lock around every call to the rdma_cm layer
|
KASAN: use-after-free Read in cma_cancel_operation
|
C |
|
done |
6 |
1706d |
1857d
|
1/1 |
1676d |
abc4ea7f1345
RDMA/ucma: Put a lock around every call to the rdma_cm layer
|
WARNING in geneve_exit_batch_net
|
C |
|
done |
2 |
1709d |
1753d
|
1/1 |
1678d |
2c1a05e91fc6
geneve: move debug check after netdev unregister
|
WARNING: ODEBUG bug in rfcomm_dev_ioctl
|
C |
|
done |
1 |
1710d |
1710d
|
1/1 |
1679d |
78a4ad28608a
Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
|
KASAN: use-after-free Write in release_tty
|
C |
|
done |
148 |
1709d |
1826d
|
1/1 |
1679d |
54584f79579b
vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
|
WARNING: ODEBUG bug in route4_change
|
C |
|
done |
28 |
1714d |
1733d
|
1/1 |
1683d |
ea3d6652c240
net_sched: cls_route: remove the right filter from hashtable
|
WARNING: refcount bug in sock_wfree
|
C |
done |
done |
1 |
1717d |
1837d
|
1/1 |
1686d |
6ce6aea362d4
sctp: fix refcount bug in sctp_wfree
|
KASAN: use-after-free Read in tty_open
|
C |
|
done |
2 |
1720d |
1826d
|
1/1 |
1690d |
54584f79579b
vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
|
BUG: unable to handle kernel paging request in init_srcu_struct_fields
|
syz |
|
done |
3 |
1721d |
1919d
|
1/1 |
1690d |
e36be7959326
usbip: tools: Fix read_usb_vudc_device() error path handling
|
KASAN: slab-out-of-bounds Read in selinux_xfrm_alloc_user
|
C |
|
done |
3 |
1722d |
1727d
|
1/1 |
1691d |
0a7b397c0133
xfrm: add the missing verify_sec_ctx_len check in xfrm_add_acquire
|
WARNING: ODEBUG bug in rfcomm_dlc_free
|
C |
|
done |
21 |
1723d |
1954d
|
1/1 |
1693d |
78a4ad28608a
Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
|
KASAN: slab-out-of-bounds Write in tcindex_set_parms
|
C |
|
done |
2 |
1727d |
1727d
|
1/1 |
1695d |
557d015ffb27
net_sched: keep alloc_hash updated after hash allocation
|
KASAN: use-after-free Write in tcindex_set_parms
|
C |
|
done |
3 |
1726d |
1730d
|
1/1 |
1695d |
557d015ffb27
net_sched: keep alloc_hash updated after hash allocation
|
possible deadlock in ovl_write_iter (2)
|
syz |
|
done |
2 |
1729d |
1729d
|
1/1 |
1698d |
eae6b4a4d7f8
USB: Disable LPM on WD19's Realtek Hub
|
KASAN: use-after-free Read in n_tty_receive_buf_common
|
C |
|
done |
40 |
1730d |
1825d
|
1/1 |
1700d |
b4492f1e7456
vt: selection, push sel_lock up
|
inconsistent lock state in rxrpc_put_client_connection_id
|
C |
|
done |
89 |
1739d |
1756d
|
1/1 |
1708d |
43cac315bec1
rxrpc: Fix call RCU cleanup using non-bh-safe locks
|
KASAN: use-after-free Read in ext4_xattr_set_entry
|
syz |
|
done |
10 |
1738d |
1986d
|
1/1 |
1708d |
cb1702c403ad
ext4: validate the debug_want_extra_isize mount option at parse time
|
inconsistent lock state in rxrpc_put_client_conn
|
C |
|
done |
6584 |
1739d |
1756d
|
1/1 |
1708d |
43cac315bec1
rxrpc: Fix call RCU cleanup using non-bh-safe locks
|
kernel BUG at net/rxrpc/local_object.c:LINE!
|
C |
|
done |
13912 |
1741d |
1951d
|
1/1 |
1710d |
792668145b56
rxrpc: Fix lack of conn cleanup when local endpoint is cleaned up [ver #2]
|
general protection fault in selinux_socket_sendmsg
|
C |
|
done |
36 |
1741d |
1922d
|
1/1 |
1711d |
43cac315bec1
rxrpc: Fix call RCU cleanup using non-bh-safe locks
|
INFO: task hung in paste_selection
|
C |
|
done |
10 |
1742d |
1817d
|
1/1 |
1712d |
b4492f1e7456
vt: selection, push sel_lock up
|
INFO: task hung in htable_put
|
C |
|
done |
8 |
1744d |
1790d
|
1/1 |
1714d |
acbc5071f073
netfilter: xt_hashlimit: limit the max size of hashtable
|
kernel BUG at fs/reiserfs/lock.c:LINE! (2)
|
C |
|
done |
2 |
1747d |
1747d
|
1/1 |
1717d |
ef3d73fe8836
reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling
|
INFO: task hung in drain_all_pages
|
C |
|
done |
1 |
1747d |
1777d
|
1/1 |
1717d |
8541452acba5
s390/mm: Explicitly compare PAGE_DEFAULT_KEY against zero in storage_key_init_range
|
KASAN: stack-out-of-bounds Write in ax25_getname
|
C |
|
done |
4 |
1751d |
2047d
|
1/1 |
1720d |
ad598a48fe61
vhost: Check docket sk_family instead of call getname
|
INFO: task hung in hashlimit_mt_check_common
|
C |
|
done |
3 |
1754d |
1769d
|
1/1 |
1722d |
acbc5071f073
netfilter: xt_hashlimit: limit the max size of hashtable
|
INFO: task hung in tty_ldisc_hangup
|
C |
|
done |
10 |
1753d |
1821d
|
1/1 |
1722d |
b4492f1e7456
vt: selection, push sel_lock up
|
general protection fault in padata_reorder
|
C |
|
done |
90 |
1752d |
1756d
|
1/1 |
1722d |
cad926f70b5a
padata: fix null pointer deref of pd->pinst
|
KASAN: slab-out-of-bounds Read in tcf_exts_destroy
|
C |
|
done |
1 |
1757d |
1873d
|
1/1 |
1726d |
478c4b2ffd44
net_sched: fix an OOB access in cls_tcindex
|
BUG: sleeping function called from invalid context in tpk_write
|
C |
|
done |
30 |
1762d |
1824d
|
1/1 |
1731d |
fb56687038cf
ttyprintk: fix a potential deadlock in interrupt context issue
|
general protection fault in path_openat
|
C |
|
done |
13 |
1762d |
1768d
|
1/1 |
1732d |
8d7a5100e29d
vfs: fix do_last() regression
|
KASAN: slab-out-of-bounds Read in __nla_put_nohdr
|
C |
|
done |
1 |
1769d |
1769d
|
1/1 |
1739d |
66ac8ee96faa
net_sched: fix datalen for ematch
|
general protection fault in nft_chain_parse_hook
|
C |
|
done |
5 |
1769d |
1782d
|
1/1 |
1739d |
1f7a1bcd27c3
netfilter: nf_tables: add __nft_chain_type_get()
|
WARNING in cbq_destroy_class
|
C |
|
done |
1 |
1774d |
1774d
|
1/1 |
1743d |
9f7a32834b62
net_sched: fix ops->bind_class() implementations
|
KASAN: slab-out-of-bounds Write in setup_udp_tunnel_sock
|
C |
|
done |
1 |
1775d |
1775d
|
1/1 |
1745d |
d3b5ecceea7d
gtp: make sure only SOCK_DGRAM UDP sockets are accepted
|
KASAN: use-after-free Read in snd_timer_resolution
|
C |
|
done |
2 |
1779d |
1779d
|
1/1 |
1748d |
20f2e4c228c7
ALSA: seq: Fix racy access for queue timer in proc read
|
KASAN: use-after-free Read in tcp_check_sack_reordering
|
C |
|
done |
1 |
1778d |
1778d
|
1/1 |
1748d |
fb56687038cf
ttyprintk: fix a potential deadlock in interrupt context issue
|
general protection fault in xt_rateest_put
|
C |
|
done |
10 |
1779d |
1782d
|
1/1 |
1749d |
e3282417b91c
netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct
|
BUG: corrupted list in nf_tables_commit
|
C |
|
done |
2 |
1782d |
1782d
|
1/1 |
1751d |
8260ce5aeee4
netfilter: nf_tables: fix flowtable list del corruption
|
WARNING in nft_request_module
|
C |
|
done |
1 |
1782d |
1782d
|
1/1 |
1751d |
1632efb3553b
netfilter: nf_tables: remove WARN and add NLA_STRING upper limits
|
general protection fault in nft_tunnel_get_init
|
C |
|
done |
1 |
1782d |
1782d
|
1/1 |
1751d |
6de941ce70cd
netfilter: nft_tunnel: fix null-attribute check
|
general protection fault in nf_ct_netns_do_get
|
C |
|
done |
11 |
1787d |
1801d
|
1/1 |
1753d |
46abb2a5cd2f
netfilter: arp_tables: init netns pointer in xt_tgchk_param struct
|
KASAN: use-after-free Write in __alloc_skb
|
C |
|
done |
2 |
1786d |
1854d
|
1/1 |
1756d |
be1a2be7a7b0
net: rtnetlink: validate IFLA_MTU attribute in rtnl_create_link()
|
general protection fault in xt_rateest_tg_checkentry
|
C |
|
done |
12 |
1786d |
1803d
|
1/1 |
1756d |
e3282417b91c
netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct
|
KASAN: slab-out-of-bounds Read in macvlan_broadcast
|
C |
|
done |
10 |
1787d |
1792d
|
1/1 |
1757d |
5f3274c53ae7
macvlan: do not assume mac_header is set in macvlan_broadcast()
|
KASAN: use-after-free Read in macvlan_broadcast
|
C |
|
done |
7 |
1789d |
1792d
|
1/1 |
1758d |
5f3274c53ae7
macvlan: do not assume mac_header is set in macvlan_broadcast()
|
WARNING: bad unlock balance in gtp_encap_enable_socket
|
C |
|
done |
2 |
1790d |
1792d
|
1/1 |
1760d |
776a81a024e7
gtp: fix bad unlock balance in gtp_encap_enable_socket
|
BUG: sleeping function called from invalid context in lock_sock_nested
|
syz |
|
done |
1 |
1794d |
1824d
|
1/1 |
1762d |
6b544caa07e5
crypto: af_alg - Use bh_lock_sock in sk_destruct
|
general protection fault in rxrpc_connect_call
|
C |
|
done |
285 |
1797d |
1961d
|
1/1 |
1766d |
792668145b56
rxrpc: Fix lack of conn cleanup when local endpoint is cleaned up [ver #2]
|
possible deadlock in refcount_dec_and_mutex_lock
|
C |
done |
done |
5 |
1800d |
1856d
|
1/1 |
1770d |
e83a26a49356
nbd: fix shutdown and recv work deadlock v2
|
INFO: rcu detected stall in addrconf_dad_work (2)
|
C |
|
done |
1 |
1809d |
1809d
|
1/1 |
1779d |
94ac4a4d938f
pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM
|
WARNING: refcount bug in cdev_get
|
C |
|
done |
12 |
1809d |
1934d
|
1/1 |
1779d |
f57fd58dda42
bridge/mdb: remove wrong use of NLM_F_MULTI
|
possible deadlock in __might_fault
|
C |
|
done |
385 |
1810d |
2061d
|
1/1 |
1779d |
3757e3818838
usb: mon: Fix a deadlock in usbmon between mmap and read
|
INFO: task hung in fsnotify_mark_destroy_workfn
|
syz |
|
done |
3 |
1813d |
2000d
|
1/1 |
1782d |
42a929edf567
rtc: disable uie before setting time and enable after
|
possible deadlock in mon_bin_vma_fault
|
C |
|
done |
375 |
1813d |
2062d
|
1/1 |
1783d |
3757e3818838
usb: mon: Fix a deadlock in usbmon between mmap and read
|
WARNING in xfrm6_tunnel_net_exit
|
syz |
|
done |
34 |
1814d |
2063d
|
1/1 |
1783d |
bbbe47463da9
xfrm: destroy xfrm_state synchronously on net exit path
|
inconsistent lock state in sp_get
|
C |
|
done |
1 |
1817d |
1817d
|
1/1 |
1786d |
9b8e63d0a6e8
6pack,mkiss: fix possible deadlock
|
KASAN: slab-out-of-bounds Read in linear_transfer
|
C |
|
done |
2 |
1825d |
1825d
|
1/1 |
1794d |
c6bebccd3c62
ALSA: pcm: oss: Avoid potential buffer overflows
|
WARNING: refcount bug in kobject_get
|
C |
|
done |
21 |
1825d |
2055d
|
1/1 |
1795d |
e1666bcbae0c
driver core: Fix use-after-free and double free on glue directory
|
KASAN: use-after-free Read in slip_open
|
C |
done |
done |
7 |
1826d |
1837d
|
1/1 |
1795d |
0c6e6ceae72c
slip: Fix use-after-free Read in slip_open
|
INFO: task hung in vivid_stop_generating_vid_cap
|
C |
|
done |
291 |
1828d |
2062d
|
1/1 |
1798d |
467052f6ea5a
media: vivid: Fix wrong locking that causes race conditions on streaming stop
|
INFO: task hung in sdr_cap_stop_streaming
|
C |
|
done |
152 |
1828d |
2062d
|
1/1 |
1798d |
467052f6ea5a
media: vivid: Fix wrong locking that causes race conditions on streaming stop
|
KASAN: use-after-free Read in __vb2_perform_fileio
|
C |
|
done |
13 |
1829d |
2059d
|
1/1 |
1799d |
467052f6ea5a
media: vivid: Fix wrong locking that causes race conditions on streaming stop
|
KASAN: use-after-free Read in kfree_skb
|
C |
|
done |
95 |
1833d |
1953d
|
1/1 |
1801d |
03bf4876a593
Bluetooth: Fix invalid-free in bcsp_close()
|
WARNING in __vb2_queue_cancel
|
C |
|
done |
11 |
1836d |
2048d
|
1/1 |
1806d |
467052f6ea5a
media: vivid: Fix wrong locking that causes race conditions on streaming stop
|
WARNING: suspicious RCU usage in memfd_fcntl
|
C |
done |
done |
1879 |
1838d |
1861d
|
1/1 |
1808d |
e4cc9c81e230
memfd: Use radix_tree_deref_slot_protected to avoid the warning.
|
possible deadlock in ovl_write_iter
|
syz |
|
done |
84 |
1846d |
2055d
|
1/1 |
1810d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
KASAN: use-after-free Read in rxrpc_send_keepalive
|
syz |
|
done |
6 |
1860d |
1934d
|
1/1 |
1811d |
570ab0dd35f9
rxrpc: Fix call ref leak
|
BUG: corrupted list in p9_fd_cancelled
|
syz |
|
done |
2 |
1846d |
1909d
|
1/1 |
1811d |
78a917bea6ed
perf/core: Consistently fail fork on allocation failures
|
KASAN: use-after-free Read in __lock_sock
|
syz |
|
done |
2 |
1862d |
1863d
|
1/1 |
1811d |
51f0c10890aa
libata/ahci: Fix PCS quirk application
|
WARNING in corrupted
|
syz |
|
done |
25 |
1883d |
2035d
|
1/1 |
1811d |
ed568ca73601
bpf: fix use after free in prog symbol exposure
|
possible deadlock in io_submit_one
|
syz |
|
done |
406 |
1885d |
2063d
|
1/1 |
1812d |
052b31810085
fs/userfaultfd.c: disable irqs for fault_pending and event locks
|
WARNING in bpf_jit_free
|
syz |
|
done |
293 |
1885d |
2063d
|
1/1 |
1812d |
ed568ca73601
bpf: fix use after free in prog symbol exposure
|
KASAN: use-after-free Read in pneigh_get_next
|
syz |
|
done |
1 |
1997d |
1997d
|
1/1 |
1813d |
103835df6821
neigh: fix use-after-free read in pneigh_get_next
|
WARNING in ovl_rename
|
syz |
|
done |
1 |
2045d |
2045d
|
1/1 |
1813d |
f1c5aa5eda08
ovl: detect overlapping layers
|
kernel BUG at arch/x86/mm/physaddr.c:LINE!
|
syz |
|
done |
1 |
1983d |
1983d
|
1/1 |
1813d |
4736bb277744
ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL
|
WARNING in ovl_instantiate
|
syz |
|
done |
5 |
2053d |
2057d
|
1/1 |
1813d |
f1c5aa5eda08
ovl: detect overlapping layers
|
WARNING: suspicious RCU usage in llc_sap_close
|
C |
|
done |
10 |
1852d |
2008d
|
1/1 |
1813d |
9a484516a410
llc: avoid blocking in llc_sap_close()
|
BUG: unable to handle kernel NULL pointer dereference in blk_mq_map_swqueue
|
C |
|
done |
12 |
1862d |
2046d
|
1/1 |
1815d |
9f0f39c92e4f
nbd: fix max number of supported devs
|
KASAN: null-ptr-deref Write in kvm_write_guest_virt_system
|
C |
|
done |
50 |
1879d |
1897d
|
1/1 |
1817d |
3683dd7074dc
crypto: cavium/zip - Add missing single_release()
|
possible deadlock in free_ioctx_users
|
C |
|
done |
77 |
1885d |
2007d
|
1/1 |
1817d |
5bead06b3443
fuse: fix deadlock with aio poll and fuse_iqueue::waitq.lock
|
KASAN: use-after-free Read in wait_consider_task
|
C |
|
done |
58 |
1889d |
1899d
|
1/1 |
1818d |
4eb92a114834
RDMA/restrack: Protect from reentry to resource return path
|
WARNING: ODEBUG bug in free_task
|
C |
|
done |
165 |
1889d |
1899d
|
1/1 |
1818d |
4eb92a114834
RDMA/restrack: Protect from reentry to resource return path
|
general protection fault in tcf_action_destroy
|
C |
|
done |
15 |
1887d |
1909d
|
1/1 |
1818d |
50dddec689cb
mISDN: enforce CAP_NET_RAW for raw sockets
|
WARNING: suspicious RCU usage in netem_enqueue
|
C |
|
done |
2 |
1891d |
1896d
|
1/1 |
1818d |
195a3ea494d2
net_sched: add max len check for TCA_KIND
|
KASAN: use-after-free Read in __change_pid
|
C |
|
done |
4 |
1891d |
1899d
|
1/1 |
1818d |
4eb92a114834
RDMA/restrack: Protect from reentry to resource return path
|
possible deadlock in do_io_accounting
|
C |
|
done |
4 |
1890d |
2002d
|
1/1 |
1818d |
f1c5aa5eda08
ovl: detect overlapping layers
|
KASAN: use-after-free Read in pids_release
|
C |
|
done |
7 |
1891d |
1898d
|
1/1 |
1818d |
4eb92a114834
RDMA/restrack: Protect from reentry to resource return path
|
general protection fault in release_task
|
C |
|
done |
3 |
1892d |
1899d
|
1/1 |
1819d |
4eb92a114834
RDMA/restrack: Protect from reentry to resource return path
|
general protection fault in wait_consider_task
|
C |
|
done |
5 |
1891d |
1897d
|
1/1 |
1819d |
4eb92a114834
RDMA/restrack: Protect from reentry to resource return path
|
INFO: rcu detected stall in netlink_sendmsg
|
C |
|
done |
3 |
1903d |
1908d
|
1/1 |
1819d |
a9e91767b921
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
|
KASAN: use-after-free Read in release_task
|
C |
|
done |
2 |
1894d |
1896d
|
1/1 |
1820d |
4eb92a114834
RDMA/restrack: Protect from reentry to resource return path
|
WARNING in handle_desc
|
C |
|
done |
1 |
1900d |
1900d
|
1/1 |
1820d |
21874027e1de
KVM: X86: Fix userspace set invalid CR4
|
BUG: unable to handle kernel NULL pointer dereference in tc_bind_tclass
|
C |
|
done |
18 |
1895d |
1913d
|
1/1 |
1820d |
07f7ec87b5f6
net_sched: check cops->tcf_block in tc_bind_tclass()
|
general protection fault in qdisc_destroy
|
C |
|
done |
9 |
1899d |
1909d
|
1/1 |
1820d |
7a1bad565ceb
net_sched: let qdisc_put() accept NULL pointer
|
INFO: rcu detected stall in addrconf_dad_work
|
C |
|
done |
19 |
1901d |
1913d
|
1/1 |
1821d |
a9e91767b921
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
|
INFO: rcu detected stall in mld_ifc_timer_expire
|
C |
|
done |
33 |
1901d |
1913d
|
1/1 |
1821d |
a9e91767b921
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
|
INFO: rcu detected stall in br_handle_frame
|
C |
|
done |
41 |
1901d |
1914d
|
1/1 |
1821d |
a9e91767b921
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
|
INFO: task hung in __x64_sys_io_destroy
|
C |
|
done |
1 |
1902d |
1902d
|
1/1 |
1821d |
ec2a3681b30c
media: tvp5150: fix switch exit in set control handler
|
WARNING: refcount bug in hci_register_dev
|
C |
|
done |
3 |
1908d |
1919d
|
1/1 |
1823d |
e1666bcbae0c
driver core: Fix use-after-free and double free on glue directory
|
WARNING in kernfs_get
|
C |
|
done |
14 |
1908d |
2047d
|
1/1 |
1823d |
e1666bcbae0c
driver core: Fix use-after-free and double free on glue directory
|
general protection fault in kernfs_add_one
|
C |
|
done |
8 |
1916d |
2056d
|
1/1 |
1824d |
e1666bcbae0c
driver core: Fix use-after-free and double free on glue directory
|
general protection fault in packet_lookup_frame
|
C |
|
done |
1 |
1937d |
1937d
|
1/1 |
1825d |
154e6bc497c9
net/packet: fix race in tpacket_snd()
|
WARNING in tty_set_termios
|
C |
|
done |
151 |
1947d |
2057d
|
1/1 |
1825d |
56966212e23f
Bluetooth: hci_uart: check for missing tty operations
|
general protection fault in tcf_ife_init
|
C |
|
done |
15 |
1945d |
1962d
|
1/1 |
1825d |
c4c8899376c2
ife: error out when nla attributes are empty
|
KASAN: null-ptr-deref Write in kthread_stop
|
C |
|
done |
12 |
1945d |
2050d
|
1/1 |
1825d |
467052f6ea5a
media: vivid: Fix wrong locking that causes race conditions on streaming stop
|
general protection fault in rds_recv_rcvbuf_delta
|
C |
|
done |
7 |
1953d |
2000d
|
1/1 |
1827d |
3de749d6d7ce
net/rds: An rds_sock is added too early to the hash table
|
INFO: task hung in blkdev_issue_flush
|
C |
|
done |
2 |
1980d |
1980d
|
1/1 |
1827d |
76cf93f04c3d
hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap'
|
general protection fault in iptunnel_xmit
|
C |
|
done |
2 |
1954d |
1954d
|
1/1 |
1827d |
4736bb277744
ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL
|
WARNING in kernfs_put
|
C |
|
done |
1 |
1985d |
1985d
|
1/1 |
1827d |
e1666bcbae0c
driver core: Fix use-after-free and double free on glue directory
|
WARNING in notify_change
|
C |
|
done |
12 |
1990d |
2047d
|
1/1 |
1828d |
e8e448b08450
Abort file_remove_privs() for non-reg. files
|
BUG: unable to handle kernel paging request in coalesced_mmio_write
|
C |
|
done |
2 |
1989d |
1989d
|
1/1 |
1828d |
232a6462f43f
KVM: coalesced_mmio: add bounds checking
|
possible deadlock in userfaultfd_release
|
C |
|
done |
4 |
1990d |
1995d
|
1/1 |
1828d |
052b31810085
fs/userfaultfd.c: disable irqs for fault_pending and event locks
|
possible deadlock in acct_pin_kill
|
C |
|
done |
125 |
2021d |
2055d
|
1/1 |
1828d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
WARNING in xfrm_state_fini
|
C |
|
done |
78 |
2038d |
2062d
|
1/1 |
1829d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
WARNING in __flush_work
|
C |
|
done |
135 |
2035d |
2041d
|
1/1 |
1829d |
af48f7d79fae
drm/udl: Replace drm_dev_unref with drm_dev_put
|
KASAN: use-after-free Read in get_mem_cgroup_from_mm
|
C |
|
done |
6 |
2044d |
2057d
|
1/1 |
1829d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
general protection fault in ip6erspan_set_version
|
C |
|
done |
7 |
2053d |
2062d
|
1/1 |
1830d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
possible deadlock in pipe_lock
|
C |
|
done |
2 |
2045d |
2048d
|
1/1 |
1830d |
f1c5aa5eda08
ovl: detect overlapping layers
|
general protection fault in sctp_timeout_obj_to_nlattr
|
C |
|
done |
7 |
2057d |
2061d
|
1/1 |
1830d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
general protection fault in generic_timeout_obj_to_nlattr
|
C |
|
done |
11 |
2058d |
2062d
|
1/1 |
1830d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
general protection fault in gre_timeout_obj_to_nlattr
|
C |
|
done |
13 |
2057d |
2063d
|
1/1 |
1830d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
general protection fault in tcp_timeout_obj_to_nlattr
|
C |
|
done |
7 |
2058d |
2060d
|
1/1 |
1831d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
general protection fault in icmp_timeout_obj_to_nlattr
|
C |
|
done |
3 |
2060d |
2062d
|
1/1 |
1831d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
general protection fault in udp_timeout_obj_to_nlattr
|
C |
|
done |
8 |
2058d |
2063d
|
1/1 |
1831d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
general protection fault in dccp_timeout_obj_to_nlattr
|
C |
|
done |
7 |
2058d |
2063d
|
1/1 |
1831d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|