| KASAN: use-after-free Read in skb_dequeue (2) |
C |
|
done |
2 |
252d |
282d
|
222d |
f7bffefa322a
tty: Fix data race between tiocsti() and flush_to_ldisc()
|
| KASAN: use-after-free Read in ext4_xattr_set_entry (2) |
C |
|
done |
7 |
255d |
713d
|
224d |
c481607ba522
ext4: fix race writing to an inline_data file while its xattrs are changing
|
| inconsistent lock state in sco_sock_timeout |
C |
|
done |
19 |
255d |
646d
|
225d |
48669c81a656
Bluetooth: schedule SCO timeouts with delayed_work
|
| BUG: sleeping function called from invalid context in lock_sock_nested (2) |
C |
|
done |
3909 |
256d |
349d
|
225d |
3719acc161d5
Bluetooth: defer cleanup of resources in hci_unregister_dev()
|
| KASAN: slab-out-of-bounds Write in ext4_write_inline_data |
C |
|
done |
3 |
261d |
467d
|
231d |
c481607ba522
ext4: fix race writing to an inline_data file while its xattrs are changing
|
| BUG: soft lockup in tx |
C |
|
done |
1 |
264d |
294d
|
233d |
7c113506163a
fq_codel: reject silly quantum parameters
|
| BUG: corrupted list in kobject_add_internal |
C |
|
done |
2 |
268d |
515d
|
238d |
3f7b869c1b44
Bluetooth: avoid circular locks in sco_sock_connect
|
| kernel BUG in kvm_hv_set_msr_common |
syz |
|
done |
2 |
269d |
299d
|
238d |
41d2efaed5bd
KVM: remember position in kvm->vcpus array
|
| BUG: unable to handle kernel paging request in do_syscall_64 |
C |
|
done |
3 |
274d |
792d
|
241d |
6be10fb6c143
fbmem: add margin check to fb_check_caps()
|
| general protection fault in do_syscall_64 (2) |
syz |
|
done |
2 |
273d |
606d
|
241d |
6be10fb6c143
fbmem: add margin check to fb_check_caps()
|
| KASAN: use-after-free Read in ip_check_mc_rcu |
syz |
|
done |
7 |
275d |
426d
|
241d |
4768973dffed
igmp: Add ip_mc_list lock in ip_check_mc_rcu
|
| KASAN: slab-out-of-bounds Write in decode_data |
C |
|
done |
1 |
276d |
822d
|
245d |
4e370cc081a7
net: 6pack: fix slab-out-of-bounds in decode_data
|
| INFO: task hung in do_fb_ioctl (2) |
C |
|
done |
7 |
276d |
691d
|
246d |
6be10fb6c143
fbmem: add margin check to fb_check_caps()
|
| BUG: unable to handle kernel paging request in do_csum |
C |
|
done |
1 |
276d |
495d
|
246d |
c33471daf276
ip_gre: add validation for csum_start
|
| BUG: unable to handle kernel NULL pointer dereference in __lookup_slow (2) |
C |
|
done |
15 |
286d |
410d
|
254d |
df2f583b6363
reiserfs: add check for root_inode in reiserfs_fill_super
|
| KASAN: use-after-free Read in search_by_entry_key (2) |
C |
|
done |
2 |
287d |
437d
|
257d |
df2f583b6363
reiserfs: add check for root_inode in reiserfs_fill_super
|
| KASAN: use-after-free Read in __queue_work |
syz |
|
done |
5 |
288d |
660d
|
257d |
3719acc161d5
Bluetooth: defer cleanup of resources in hci_unregister_dev()
|
| WARNING in close_fs_devices |
C |
|
done |
105 |
299d |
616d
|
268d |
4c97ed4332be
ocfs2: fix zero out valid data
|
| possible deadlock in cleanup_net |
C |
|
done |
5212 |
299d |
561d
|
268d |
3719acc161d5
Bluetooth: defer cleanup of resources in hci_unregister_dev()
|
| possible deadlock in __sock_release |
C |
|
done |
57446 |
299d |
561d
|
268d |
7d2c0c0516e6
PCI: Leave Apple Thunderbolt controllers on for s2idle or standby
|
| KASAN: use-after-free Write in hci_sock_bind |
C |
|
done |
12 |
305d |
865d
|
272d |
3719acc161d5
Bluetooth: defer cleanup of resources in hci_unregister_dev()
|
| kernel BUG at drivers/dma-buf/dma-buf.c:LINE! |
syz |
|
done |
1 |
303d |
786d
|
272d |
020a44cc54d6
drm: Return -ENOTTY for non-drm ioctls
|
| unexpected kernel reboot |
C |
|
done |
684 |
312d |
1088d
|
281d |
da84e8e9290e
KVM: x86: determine if an exception has an error code only when injecting it.
|
| KASAN: use-after-free Read in reservation_object_test_signaled_rcu |
C |
|
done |
4 |
312d |
547d
|
281d |
020a44cc54d6
drm: Return -ENOTTY for non-drm ioctls
|
| BUG: unable to handle kernel paging request in diFree |
C |
|
done |
18 |
312d |
603d
|
282d |
aff8d95b6905
jfs: fix GPF in diFree
|
| KASAN: use-after-free Read in hci_chan_del |
C |
|
done |
24 |
315d |
661d
|
283d |
35113c4c9fa7
bluetooth: eliminate the potential race condition when removing the HCI controller
|
| WARNING in drm_prime_destroy_file_private |
syz |
|
done |
6 |
314d |
505d
|
283d |
020a44cc54d6
drm: Return -ENOTTY for non-drm ioctls
|
| divide error in do_journal_end (2) |
C |
|
done |
4 |
318d |
429d
|
286d |
47b4b8f0d378
reiserfs: add check for invalid 1st journal block
|
| general protection fault in mount_fs |
C |
|
done |
12 |
317d |
548d
|
286d |
5485fe228f97
ext4: return error code when ext4_fill_flex_info() fails
|
| WARNING: suspicious RCU usage in vxlan_xmit |
C |
|
done |
1 |
322d |
322d
|
292d |
f80201ff7937
vxlan: add missing rcu_read_lock() in neigh_reduce()
|
| WARNING in batadv_iv_send_outstanding_bat_ogm_packet |
C |
|
done |
373 |
329d |
945d
|
299d |
e8e9d2968a9d
batman-adv: Avoid WARN_ON timing related checks
|
| general protection fault in ieee802154_llsec_parse_dev_addr |
C |
|
done |
32 |
333d |
451d
|
302d |
00b16396ad26
HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for Saitek X65
|
| KASAN: use-after-free Read in qfq_search_class |
C |
|
done |
2 |
336d |
822d
|
305d |
98fd088c3254
pkt_sched: sch_qfq: fix qfq_change_class() error path
|
| KASAN: use-after-free Read in ntfs_iget (2) |
C |
|
done |
1 |
337d |
337d
|
307d |
00f00f5db888
ntfs: fix validity check for file name attribute
|
| WARNING in sta_apply_parameters |
C |
|
done |
1 |
337d |
564d
|
307d |
25487a5ff100
mac80211: remove warning in ieee80211_get_sband()
|
| WARNING in sta_info_alloc |
C |
|
done |
15 |
340d |
597d
|
310d |
25487a5ff100
mac80211: remove warning in ieee80211_get_sband()
|
| KASAN: null-ptr-deref Write in vhci_shutdown_connection |
syz |
|
done |
498 |
344d |
525d
|
310d |
d42c3ebb3156
can: bcm/raw/isotp: use per module netdevice notifier
|
| WARNING in process_one_work |
C |
|
done |
9 |
346d |
911d
|
315d |
e8e9d2968a9d
batman-adv: Avoid WARN_ON timing related checks
|
| general protection fault in try_to_wake_up |
syz |
|
done |
229 |
346d |
434d
|
316d |
d42c3ebb3156
can: bcm/raw/isotp: use per module netdevice notifier
|
| WARNING: ODEBUG bug in slave_kobj_release |
C |
|
done |
28 |
351d |
528d
|
321d |
f583748c2a4a
bonding: init notify_work earlier to avoid uninitialized use
|
| KASAN: use-after-free Read in drm_getunique |
syz |
|
done |
2 |
364d |
532d
|
333d |
7d233ba700ce
drm: Fix use-after-free read in drm_getunique()
|
| BUG: unable to handle kernel NULL pointer dereference in corrupted |
C |
|
done |
6 |
365d |
947d
|
335d |
93e4ac2a9979
nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect
|
| KASAN: global-out-of-bounds Read in soft_cursor |
C |
|
done |
22 |
366d |
833d
|
335d |
8c5ec4a731e1
vt: Fix character height handling with VT_RESIZEX
|
| KASAN: global-out-of-bounds Read in bit_putcs |
C |
|
done |
214 |
366d |
903d
|
335d |
8c5ec4a731e1
vt: Fix character height handling with VT_RESIZEX
|
| WARNING: ODEBUG bug in cancel_delayed_work |
C |
|
done |
1226 |
368d |
664d
|
336d |
02f681a5e827
Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default
|
| KASAN: use-after-free Read in hci_send_acl |
C |
|
done |
3 |
369d |
661d
|
336d |
75e26178e26f
Bluetooth: verify AMP hci_chan before amp_destroy
|
| KASAN: use-after-free Read in nfc_llcp_sock_unlink |
C |
|
done |
22 |
369d |
406d
|
336d |
48fba458fe54
net/nfc: fix use-after-free llcp_sock_bind/connect
|
| WARNING in hsr_addr_subst_dest |
C |
|
done |
3099 |
369d |
1137d
|
336d |
40fa36443db3
hsr: use netdev_err() instead of WARN_ONCE()
|
| KASAN: slab-out-of-bounds Read in soft_cursor (2) |
C |
|
done |
8 |
368d |
490d
|
336d |
8c5ec4a731e1
vt: Fix character height handling with VT_RESIZEX
|
| possible deadlock in tty_port_close_start |
C |
|
done |
47 |
374d |
840d
|
344d |
1f51881e2dcc
ttyprintk: Add TTY hangup callback.
|
| KASAN: null-ptr-deref Read in llcp_sock_getname |
C |
|
|
37 |
378d |
937d
|
349d |
93e4ac2a9979
nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect
|
| kernel BUG in z_erofs_map_blocks_iter |
syz |
|
done |
10 |
390d |
451d
|
359d |
006270aa8f9c
erofs: add unsupported inode i_format check
|
| kernel BUG at fs/inode.c:LINE! (2) |
C |
|
done |
5 |
394d |
532d
|
361d |
006270aa8f9c
erofs: add unsupported inode i_format check
|
| general protection fault in __queue_work |
syz |
|
done |
1 |
394d |
641d
|
361d |
35113c4c9fa7
bluetooth: eliminate the potential race condition when removing the HCI controller
|
| general protection fault in nl802154_del_llsec_devkey |
C |
|
done |
110 |
407d |
466d
|
375d |
22e025c1733b
net: ieee802154: fix nl802154 del llsec devkey
|
| general protection fault in nl802154_add_llsec_key |
C |
|
done |
106 |
406d |
462d
|
375d |
bdd1d2784ad3
net: ieee802154: fix nl802154 add llsec key
|
| general protection fault in nl802154_del_llsec_key |
C |
|
done |
91 |
407d |
459d
|
375d |
79ba55c0e7a7
net: ieee802154: fix nl802154 del llsec key
|
| general protection fault in ieee802154_llsec_parse_key_id |
C |
|
done |
64 |
407d |
458d
|
377d |
5983b9de012e
net: ieee802154: nl-mac: fix check on panid
|
| WARNING in cfg80211_connect |
C |
|
done |
336 |
407d |
601d
|
377d |
ee1a5262eb01
cfg80211: remove WARN_ON() in cfg80211_sme_connect
|
| general protection fault in nl802154_del_llsec_dev |
C |
|
done |
70 |
408d |
464d
|
378d |
3fe0c0485a29
net: ieee802154: fix nl802154 del llsec dev
|
| general protection fault in crypto_destroy_tfm |
syz |
|
done |
12 |
409d |
454d
|
379d |
b58bb4eaa0c2
drivers: net: fix memory leak in peak_usb_create_dev
|
| BUG: sleeping function called from invalid context in htb_destroy |
C |
|
done |
2 |
428d |
950d
|
398d |
66f6f4094ff2
net: sched: validate stab values
|
| possible deadlock in red_change |
C |
|
done |
10 |
430d |
670d
|
399d |
66f6f4094ff2
net: sched: validate stab values
|
| BUG: unable to handle kernel NULL pointer dereference in __lookup_slow |
C |
|
done |
23 |
443d |
601d
|
410d |
b8590c82b3cc
reiserfs: add check for an invalid ih_entry_count
|
| WARNING in ext4_xattr_set_entry |
C |
|
done |
12 |
444d |
578d
|
413d |
a8fb57ec924f
ext4: do not try to set xattr into ea_inode if value is empty
|
| BUG: unable to handle kernel NULL pointer dereference in amp_read_loc_assoc_final_data |
C |
|
done |
114 |
447d |
663d
|
413d |
99c2c8b009c4
Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data
|
| KASAN: use-after-free Read in skb_dequeue |
syz |
|
done |
1 |
455d |
659d
|
422d |
c1a77dbcaa2d
btrfs: raid56: simplify tracking of Q stripe presence
|
| KASAN: use-after-free Read in ntfs_iget |
C |
|
done |
1 |
455d |
515d
|
422d |
23e895868b51
ntfs: check for valid standard information attribute
|
| KASAN: use-after-free Read in ntfs_read_locked_inode |
C |
|
done |
2 |
457d |
607d
|
427d |
23e895868b51
ntfs: check for valid standard information attribute
|
| kernel BUG in pfkey_send_acquire |
C |
|
done |
56 |
464d |
493d
|
433d |
fa137b50f326
block: split .sysfs_lock into two locks
|
| general protection fault in ioctl_standard_call |
C |
|
done |
23 |
468d |
581d
|
437d |
3f33e522a07f
wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
|
| KASAN: slab-out-of-bounds Read in squashfs_export_iget |
C |
|
done |
5 |
479d |
579d
|
449d |
a6f933a30363
squashfs: add more sanity checks in inode lookup
|
| general protection fault in ieee80211_subif_start_xmit |
C |
|
done |
4 |
483d |
525d
|
450d |
b26b5e086157
mac80211: pause TX while changing interface type
|
| UBSAN: undefined-behaviour in tcindex_set_parms |
C |
|
done |
39 |
495d |
610d
|
457d |
22c1b22672f3
net_sched: avoid shift-out-of-bounds in tcindex_set_parms()
|
| kernel BUG at fs/reiserfs/prints.c:LINE! |
C |
|
done |
5 |
506d |
597d
|
458d |
b8590c82b3cc
reiserfs: add check for an invalid ih_entry_count
|
| KASAN: use-after-free Read in search_by_entry_key |
C |
|
done |
1 |
506d |
596d
|
459d |
b8590c82b3cc
reiserfs: add check for an invalid ih_entry_count
|
| KASAN: slab-out-of-bounds Read in squashfs_get_id |
C |
|
|
58 |
464d |
608d
|
460d |
e5099c0e851a
squashfs: add more sanity checks in id lookup
|
| KASAN: use-after-free Read in squashfs_get_id |
C |
|
|
3 |
504d |
557d
|
460d |
e5099c0e851a
squashfs: add more sanity checks in id lookup
|
| KASAN: use-after-free Read in tls_write_space |
C |
|
done |
25 |
512d |
1137d
|
481d |
d71f3fb99620
net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails
|
| divide error in do_journal_end |
C |
|
done |
2 |
514d |
574d
|
483d |
b8590c82b3cc
reiserfs: add check for an invalid ih_entry_count
|
| general protection fault in dqput |
C |
|
done |
2 |
514d |
528d
|
484d |
7bae84821b47
quota: Sanity-check quota file headers on load
|
| WARNING in md_ioctl |
C |
|
done |
199 |
514d |
1132d
|
484d |
b85abab5913d
md: fix a warning caused by a race between concurrent md_ioctl()s
|
| general protection fault in hci_phy_link_complete_evt |
C |
|
done |
28 |
519d |
661d
|
488d |
abae100355c0
Bluetooth: Fix null pointer dereference in hci_event_packet()
|
| KASAN: use-after-free Read in leaf_paste_entries |
C |
|
done |
1 |
522d |
522d
|
491d |
b8590c82b3cc
reiserfs: add check for an invalid ih_entry_count
|
| general protection fault in hci_event_packet |
C |
|
done |
3 |
522d |
589d
|
492d |
abae100355c0
Bluetooth: Fix null pointer dereference in hci_event_packet()
|
| KASAN: slab-out-of-bounds Read in hci_le_meta_evt |
C |
|
done |
12 |
522d |
663d
|
492d |
61490c481c61
Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt()
|
| KASAN: use-after-free Read in reiserfs_read_locked_inode |
C |
|
done |
4 |
526d |
608d
|
495d |
b8590c82b3cc
reiserfs: add check for an invalid ih_entry_count
|
| INFO: task hung in rdma_destroy_id |
C |
|
done |
2 |
526d |
556d
|
496d |
014133611851
usb: uas: Add PNY USB Portable SSD to unusual_uas
|
| INFO: task hung in do_read_cache_page |
C |
|
done |
2 |
528d |
588d
|
497d |
8e63266b0d42
fcntl: Fix potential deadlock in send_sig{io, urg}()
|
| BUG: unable to handle kernel paging request in dquot_add_space |
C |
|
done |
1 |
529d |
589d
|
498d |
7bae84821b47
quota: Sanity-check quota file headers on load
|
| BUG: unable to handle kernel paging request in dqput |
C |
|
done |
8 |
528d |
597d
|
498d |
7bae84821b47
quota: Sanity-check quota file headers on load
|
| general protection fault in gfs2_ri_update |
C |
|
done |
28 |
533d |
609d
|
501d |
6790f8b9370b
gfs2: check for empty rgrp tree in gfs2_ri_update
|
| KASAN: use-after-free Write in sco_chan_del |
C |
|
done |
10 |
537d |
661d
|
506d |
abae100355c0
Bluetooth: Fix null pointer dereference in hci_event_packet()
|
| KASAN: use-after-free Read in btrfs_scan_one_device |
C |
|
done |
43 |
541d |
616d
|
511d |
aec62fa475af
btrfs: don't access possibly stale fs_info data for printing duplicate device
|
| BUG: sleeping function called from invalid context in corrupted |
C |
|
done |
2 |
547d |
548d
|
516d |
499b109be688
mac80211: free sta in sta_info_insert_finish() on errors
|
| BUG: sleeping function called from invalid context in sta_info_move_state |
C |
|
done |
760 |
547d |
549d
|
516d |
499b109be688
mac80211: free sta in sta_info_insert_finish() on errors
|
| KASAN: slab-out-of-bounds Read in ntfs_attr_find |
C |
|
done |
10 |
549d |
606d
|
518d |
dff5d7741195
ntfs: add check for mft record size in superblock
|
| general protection fault in rose_send_frame |
C |
|
done |
5 |
553d |
1130d
|
518d |
731b9890a7f1
rose: Fix Null pointer dereference in rose_send_frame()
|
| KASAN: slab-out-of-bounds Read in soft_cursor |
C |
|
done |
61 |
566d |
904d
|
536d |
3e1600cc10df
ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled
|
| KASAN: use-after-free Read in debugfs_remove |
C |
|
done |
15 |
571d |
1067d
|
540d |
8a78b4c0d629
blktrace: fix debugfs use after free
|
| UBSAN: undefined-behaviour in init_sb |
C |
|
done |
2 |
573d |
606d
|
543d |
6a253f385a2d
gfs2: add validation checks for size of superblock
|
| WARNING in unlock_new_inode |
C |
|
done |
66 |
573d |
611d
|
543d |
7a1e074bc18d
reiserfs: only call unlock_new_inode() if I_NEW
|
| KASAN: use-after-free Read in tipc_mcast_xmit |
C |
|
done |
3 |
574d |
597d
|
543d |
26217e062f97
tipc: fix the skb_unshare() in tipc_buf_append()
|
| KASAN: global-out-of-bounds Read in fb_pad_aligned_buffer |
C |
|
done |
5 |
574d |
900d
|
543d |
6612b754ac0c
vt: Disable KD_FONT_OP_COPY
|
| KASAN: use-after-free Read in ntfs_attr_find |
C |
|
done |
13 |
575d |
606d
|
544d |
dff5d7741195
ntfs: add check for mft record size in superblock
|
| divide error in tabledist |
C |
|
done |
3 |
585d |
942d
|
554d |
95ba2236b8e6
netem: fix zero division in tabledist
|
| general protection fault in qp_release_pages |
C |
|
done |
4 |
586d |
588d
|
554d |
0b02a4325780
VMCI: check return value of get_user_pages_fast() for errors
|
| UBSAN: undefined-behaviour in tabledist |
C |
|
done |
2 |
593d |
593d
|
561d |
95ba2236b8e6
netem: fix zero division in tabledist
|
| KASAN: global-out-of-bounds Read in fbcon_get_font |
C |
|
done |
47 |
593d |
904d
|
561d |
43198a5b1c42
fbcon: Fix global-out-of-bounds read in fbcon_get_font()
|
| KASAN: slab-out-of-bounds Read in fbcon_get_font |
C |
|
done |
97 |
597d |
905d
|
566d |
1221d11e5c35
vt_ioctl: change VT_RESIZEX ioctl to check for error return from vc_resize()
|
| general protection fault in get_unique_tuple |
C |
|
done |
33 |
597d |
859d
|
566d |
289fe546ea16
netfilter: ctnetlink: add a range check for l3/l4 protonum
|
| general protection fault in nf_nat_setup_info |
C |
|
done |
22 |
602d |
693d
|
571d |
289fe546ea16
netfilter: ctnetlink: add a range check for l3/l4 protonum
|
| KASAN: use-after-free Read in soft_cursor |
C |
|
done |
16 |
606d |
903d
|
576d |
76fe92986c5c
fbcon: Fix user font detection test at fbcon_resize().
|
| KASAN: global-out-of-bounds Read in get_unique_tuple |
C |
|
done |
1 |
607d |
847d
|
576d |
289fe546ea16
netfilter: ctnetlink: add a range check for l3/l4 protonum
|
| KASAN: global-out-of-bounds Read in fbcon_resize |
C |
|
done |
286 |
609d |
629d
|
579d |
76fe92986c5c
fbcon: Fix user font detection test at fbcon_resize().
|
| general protection fault in __sock_release |
syz |
|
done |
8 |
624d |
636d
|
593d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| WARNING in snd_pcm_plugin_build_mulaw |
C |
|
done |
2 |
625d |
635d
|
594d |
569e1b621797
ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check
|
| KASAN: use-after-free Read in seq_release_private |
syz |
|
done |
1 |
625d |
625d
|
594d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| WARNING: ODEBUG bug in get_signal |
syz |
|
done |
3 |
627d |
636d
|
595d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| WARNING in snd_pcm_drop |
syz |
|
done |
1 |
627d |
627d
|
595d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| WARNING: ODEBUG bug in exit_to_usermode_loop |
syz |
|
done |
2 |
626d |
628d
|
595d |
dff6a2c2828b
nvmet-fc: Fix a missed _irqsave version of spin_lock in 'nvmet_fc_fod_op_done()'
|
| general protection fault in tty_release |
C |
|
done |
9 |
628d |
634d
|
597d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: use-after-free Write in __sock_release |
syz |
|
done |
1 |
629d |
629d
|
598d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: use-after-free Read in locks_remove_file |
syz |
|
done |
4 |
628d |
637d
|
598d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: use-after-free Read in cuse_channel_release |
syz |
|
done |
1 |
630d |
630d
|
599d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: use-after-free Read in __fput |
syz |
|
done |
1 |
630d |
630d
|
599d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: use-after-free Write in ex_handler_refcount |
C |
|
done |
11 |
630d |
839d
|
600d |
29e1dfcd5150
Bluetooth: add a mutex lock to avoid UAF in do_enale_set
|
| kernel BUG at include/linux/fs.h:LINE! |
syz |
|
done |
1 |
631d |
631d
|
600d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: use-after-free Read in snd_pcm_oss_release |
syz |
|
done |
1 |
630d |
630d
|
600d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| kernel BUG at fs/inode.c:LINE! |
syz |
|
done |
2 |
631d |
660d
|
601d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: invalid-free in vcs_release |
syz |
|
done |
1 |
631d |
631d
|
601d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: use-after-free Read in fbcon_cursor |
syz |
|
done |
4 |
633d |
892d
|
602d |
770adb5d2b8e
fbcon: remove soft scrollback code
|
| BUG: corrupted list in mousedev_release |
syz |
|
done |
1 |
633d |
633d
|
602d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: use-after-free Read in eventfd_release |
syz |
|
done |
1 |
634d |
634d
|
604d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| INFO: trying to register non-static key in uhid_char_release |
C |
|
done |
3 |
634d |
656d
|
604d |
abae259fdccc
HID: core: Correctly handle ReportSize being zero
|
| WARNING in corrupted (2) |
C |
|
done |
1 |
635d |
635d
|
604d |
569e1b621797
ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check
|
| INFO: trying to register non-static key in uhid_dev_destroy |
C |
|
done |
14 |
643d |
810d
|
612d |
abae259fdccc
HID: core: Correctly handle ReportSize being zero
|
| KASAN: slab-out-of-bounds Read in vcs_scr_readw |
C |
|
inconclusive |
80 |
895d |
904d
|
614d |
627f3b9e4dd8
vcs: prevent write access to vcsu devices
|
| WARNING in inc_nlink |
C |
|
done |
8 |
644d |
793d
|
614d |
169f7f37bd6b
fs/minix: don't allow getting deleted inodes
|
| BUG: unable to handle kernel NULL pointer dereference in get_block |
C |
|
done |
60 |
649d |
799d
|
617d |
954fc7da99a9
fs/minix: reject too-large maximum file size
|
| KASAN: slab-out-of-bounds Read in get_block |
C |
|
done |
3 |
652d |
767d
|
621d |
954fc7da99a9
fs/minix: reject too-large maximum file size
|
| KASAN: use-after-free Read in get_block |
C |
|
done |
6 |
652d |
784d
|
621d |
954fc7da99a9
fs/minix: reject too-large maximum file size
|
| KASAN: slab-out-of-bounds Read in hci_event_packet |
C |
|
done |
15 |
652d |
862d
|
621d |
8c4a649c20fe
Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
|
| KASAN: slab-out-of-bounds Read in bacpy |
C |
|
done |
3 |
658d |
1119d
|
623d |
8c4a649c20fe
Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
|
| KASAN: slab-out-of-bounds Read in hci_extended_inquiry_result_evt |
C |
|
done |
6 |
656d |
690d
|
623d |
8c4a649c20fe
Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
|
| KASAN: null-ptr-deref Read in drm_dp_aux_dev_get_by_minor |
C |
|
done |
1 |
656d |
716d
|
623d |
954fc7da99a9
fs/minix: reject too-large maximum file size
|
| KASAN: slab-out-of-bounds Read in hci_inquiry_result_with_rssi_evt |
C |
|
done |
4 |
656d |
685d
|
623d |
48f70ecd6a22
Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt()
|
| KASAN: use-after-free Read in l2cap_chan_close |
C |
|
done |
8 |
656d |
839d
|
623d |
29e1dfcd5150
Bluetooth: add a mutex lock to avoid UAF in do_enale_set
|
| BUG: unable to handle kernel NULL pointer dereference in do_syscall_64 (2) |
C |
|
done |
4 |
660d |
673d
|
629d |
dd58bd1b95b7
fbdev: Detect integer underflow at "struct fbcon_ops"->clear_margins.
|
| divide error in fbcon_switch |
C |
|
done |
259 |
665d |
905d
|
631d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
| general protection fault in do_con_write |
C |
|
done |
3008 |
665d |
904d
|
631d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
| kernel BUG at fs/buffer.c:LINE! |
syz |
|
done |
23 |
662d |
1115d
|
631d |
954fc7da99a9
fs/minix: reject too-large maximum file size
|
| general protection fault in free_netdev |
C |
|
done |
99 |
663d |
693d
|
631d |
abcf95e000b4
ip6_gre: fix null-ptr-deref in ip6gre_init_net()
|
| BUG: unable to handle kernel paging request in do_con_trol |
C |
|
done |
36 |
666d |
898d
|
635d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
| WARNING in snd_info_get_line |
C |
|
done |
23 |
665d |
678d
|
635d |
0c9d4b18bb8a
ALSA: info: Drop WARN_ON() from buffer NULL sanity check
|
| BUG: unable to handle kernel paging request in insert_char |
C |
|
done |
46 |
679d |
900d
|
649d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
| INFO: task hung in __flush_work |
syz |
|
done |
6 |
681d |
1130d
|
651d |
af224c2eeda2
net/9p: validate fds in p9_fd_open
|
| KASAN: null-ptr-deref Read in do_con_trol |
C |
|
done |
1 |
681d |
831d
|
651d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
| KASAN: null-ptr-deref Read in insert_char |
C |
|
done |
3 |
682d |
877d
|
652d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
| KASAN: user-memory-access Read in insert_char |
C |
|
done |
2 |
684d |
897d
|
653d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
| BUG: unable to handle kernel paging request in csi_J |
C |
|
done |
3 |
692d |
861d
|
661d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
| BUG: unable to handle kernel NULL pointer dereference in generic_perform_write (2) |
C |
|
done |
1 |
704d |
794d
|
674d |
5dbb625573ab
ext4: avoid race conditions when remounting with options that change dax
|
| WARNING in enqueue_task_dl |
syz |
|
done |
1 |
711d |
1040d
|
681d |
edf55b5e3bde
sched/deadline: Initialize ->dl_boosted
|
| general protection fault in batadv_iv_ogm_schedule_buff |
|
|
|
6 |
799d |
855d
|
686d |
bf0ef794e197
batman-adv: Don't schedule OGM for disabled interface
|
| general protection fault in fq_codel_enqueue |
C |
|
done |
5 |
733d |
761d
|
703d |
8920e8ae16a8
net: check untrusted gso_size at kernel entry
|
| kernel BUG at arch/x86/mm/physaddr.c:LINE! (2) |
C |
|
done |
82 |
734d |
874d
|
704d |
a3da2984a40b
vt: fix unicode console freeing with a common interface
|
| INFO: trying to register non-static key in hci_uart_flush |
syz |
|
done |
4 |
739d |
983d
|
708d |
8efa59fc90a5
netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build
|
| KASAN: use-after-free Write in snd_rawmidi_kernel_write1 |
C |
|
done |
1 |
740d |
770d
|
709d |
a507658fdb2a
ALSA: rawmidi: Fix racy buffer resize under concurrent accesses
|
| KASAN: null-ptr-deref Write in choke_reset |
C |
|
done |
236 |
741d |
766d
|
711d |
1733fe42d94c
USB: serial: garmin_gps: add sanity checking for data length
|
| KASAN: use-after-free Read in rdma_listen |
syz |
|
done |
143 |
773d |
1085d
|
742d |
abc4ea7f1345
RDMA/ucma: Put a lock around every call to the rdma_cm layer
|
| KASAN: use-after-free Read in cma_cancel_operation |
C |
|
done |
6 |
784d |
935d
|
754d |
abc4ea7f1345
RDMA/ucma: Put a lock around every call to the rdma_cm layer
|
| WARNING in geneve_exit_batch_net |
C |
|
done |
2 |
787d |
831d
|
756d |
2c1a05e91fc6
geneve: move debug check after netdev unregister
|
| WARNING: ODEBUG bug in rfcomm_dev_ioctl |
C |
|
done |
1 |
788d |
788d
|
757d |
78a4ad28608a
Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
|
| KASAN: use-after-free Write in release_tty |
C |
|
done |
148 |
787d |
904d
|
757d |
54584f79579b
vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
|
| WARNING: ODEBUG bug in route4_change |
C |
|
done |
28 |
792d |
811d
|
762d |
ea3d6652c240
net_sched: cls_route: remove the right filter from hashtable
|
| WARNING: refcount bug in sock_wfree |
C |
done |
done |
1 |
795d |
915d
|
765d |
6ce6aea362d4
sctp: fix refcount bug in sctp_wfree
|
| KASAN: use-after-free Read in tty_open |
C |
|
done |
2 |
799d |
905d
|
768d |
54584f79579b
vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
|
| BUG: unable to handle kernel paging request in init_srcu_struct_fields |
syz |
|
done |
3 |
799d |
997d
|
768d |
e36be7959326
usbip: tools: Fix read_usb_vudc_device() error path handling
|
| KASAN: slab-out-of-bounds Read in selinux_xfrm_alloc_user |
C |
|
done |
3 |
801d |
805d
|
769d |
0a7b397c0133
xfrm: add the missing verify_sec_ctx_len check in xfrm_add_acquire
|
| WARNING: ODEBUG bug in rfcomm_dlc_free |
C |
|
done |
21 |
801d |
1033d
|
771d |
78a4ad28608a
Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
|
| KASAN: slab-out-of-bounds Write in tcindex_set_parms |
C |
|
done |
2 |
805d |
805d
|
773d |
557d015ffb27
net_sched: keep alloc_hash updated after hash allocation
|
| KASAN: use-after-free Write in tcindex_set_parms |
C |
|
done |
3 |
804d |
808d
|
773d |
557d015ffb27
net_sched: keep alloc_hash updated after hash allocation
|
| possible deadlock in ovl_write_iter (2) |
syz |
|
done |
2 |
807d |
807d
|
777d |
eae6b4a4d7f8
USB: Disable LPM on WD19's Realtek Hub
|
| KASAN: use-after-free Read in n_tty_receive_buf_common |
C |
|
done |
40 |
809d |
903d
|
778d |
b4492f1e7456
vt: selection, push sel_lock up
|
| inconsistent lock state in rxrpc_put_client_connection_id |
C |
|
done |
89 |
817d |
834d
|
786d |
43cac315bec1
rxrpc: Fix call RCU cleanup using non-bh-safe locks
|
| KASAN: use-after-free Read in ext4_xattr_set_entry |
syz |
|
done |
10 |
817d |
1065d
|
786d |
cb1702c403ad
ext4: validate the debug_want_extra_isize mount option at parse time
|
| inconsistent lock state in rxrpc_put_client_conn |
C |
|
done |
6584 |
817d |
834d
|
786d |
43cac315bec1
rxrpc: Fix call RCU cleanup using non-bh-safe locks
|
| kernel BUG at net/rxrpc/local_object.c:LINE! |
C |
|
done |
13912 |
819d |
1029d
|
788d |
792668145b56
rxrpc: Fix lack of conn cleanup when local endpoint is cleaned up [ver #2]
|
| general protection fault in selinux_socket_sendmsg |
C |
|
done |
36 |
819d |
1000d
|
789d |
43cac315bec1
rxrpc: Fix call RCU cleanup using non-bh-safe locks
|
| INFO: task hung in paste_selection |
C |
|
done |
10 |
820d |
896d
|
790d |
b4492f1e7456
vt: selection, push sel_lock up
|
| INFO: task hung in htable_put |
C |
|
done |
8 |
822d |
868d
|
792d |
acbc5071f073
netfilter: xt_hashlimit: limit the max size of hashtable
|
| kernel BUG at fs/reiserfs/lock.c:LINE! (2) |
C |
|
done |
2 |
825d |
825d
|
795d |
ef3d73fe8836
reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling
|
| INFO: task hung in drain_all_pages |
C |
|
done |
1 |
826d |
856d
|
795d |
8541452acba5
s390/mm: Explicitly compare PAGE_DEFAULT_KEY against zero in storage_key_init_range
|
| KASAN: stack-out-of-bounds Write in ax25_getname |
C |
|
done |
4 |
830d |
1125d
|
799d |
ad598a48fe61
vhost: Check docket sk_family instead of call getname
|
| INFO: task hung in hashlimit_mt_check_common |
C |
|
done |
3 |
832d |
847d
|
800d |
acbc5071f073
netfilter: xt_hashlimit: limit the max size of hashtable
|
| INFO: task hung in tty_ldisc_hangup |
C |
|
done |
10 |
832d |
899d
|
800d |
b4492f1e7456
vt: selection, push sel_lock up
|
| general protection fault in padata_reorder |
C |
|
done |
90 |
831d |
834d
|
800d |
cad926f70b5a
padata: fix null pointer deref of pd->pinst
|
| KASAN: slab-out-of-bounds Read in tcf_exts_destroy |
C |
|
done |
1 |
835d |
952d
|
805d |
478c4b2ffd44
net_sched: fix an OOB access in cls_tcindex
|
| BUG: sleeping function called from invalid context in tpk_write |
C |
|
done |
30 |
840d |
902d
|
810d |
fb56687038cf
ttyprintk: fix a potential deadlock in interrupt context issue
|
| general protection fault in path_openat |
C |
|
done |
13 |
841d |
846d
|
810d |
8d7a5100e29d
vfs: fix do_last() regression
|
| KASAN: slab-out-of-bounds Read in __nla_put_nohdr |
C |
|
done |
1 |
848d |
848d
|
817d |
66ac8ee96faa
net_sched: fix datalen for ematch
|
| general protection fault in nft_chain_parse_hook |
C |
|
done |
5 |
848d |
860d
|
817d |
1f7a1bcd27c3
netfilter: nf_tables: add __nft_chain_type_get()
|
| WARNING in cbq_destroy_class |
C |
|
done |
1 |
853d |
853d
|
822d |
9f7a32834b62
net_sched: fix ops->bind_class() implementations
|
| KASAN: slab-out-of-bounds Write in setup_udp_tunnel_sock |
C |
|
done |
1 |
853d |
853d
|
823d |
d3b5ecceea7d
gtp: make sure only SOCK_DGRAM UDP sockets are accepted
|
| KASAN: use-after-free Read in snd_timer_resolution |
C |
|
done |
2 |
857d |
857d
|
827d |
20f2e4c228c7
ALSA: seq: Fix racy access for queue timer in proc read
|
| KASAN: use-after-free Read in tcp_check_sack_reordering |
C |
|
done |
1 |
857d |
857d
|
827d |
fb56687038cf
ttyprintk: fix a potential deadlock in interrupt context issue
|
| general protection fault in xt_rateest_put |
C |
|
done |
10 |
858d |
860d
|
828d |
e3282417b91c
netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct
|
| BUG: corrupted list in nf_tables_commit |
C |
|
done |
2 |
860d |
861d
|
829d |
8260ce5aeee4
netfilter: nf_tables: fix flowtable list del corruption
|
| WARNING in nft_request_module |
C |
|
done |
1 |
860d |
860d
|
829d |
1632efb3553b
netfilter: nf_tables: remove WARN and add NLA_STRING upper limits
|
| general protection fault in nft_tunnel_get_init |
C |
|
done |
1 |
861d |
861d
|
829d |
6de941ce70cd
netfilter: nft_tunnel: fix null-attribute check
|
| general protection fault in nf_ct_netns_do_get |
C |
|
done |
11 |
865d |
880d
|
832d |
46abb2a5cd2f
netfilter: arp_tables: init netns pointer in xt_tgchk_param struct
|
| KASAN: use-after-free Write in __alloc_skb |
C |
|
done |
2 |
864d |
932d
|
834d |
be1a2be7a7b0
net: rtnetlink: validate IFLA_MTU attribute in rtnl_create_link()
|
| general protection fault in xt_rateest_tg_checkentry |
C |
|
done |
12 |
865d |
881d
|
834d |
e3282417b91c
netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct
|
| KASAN: slab-out-of-bounds Read in macvlan_broadcast |
C |
|
done |
10 |
865d |
870d
|
835d |
5f3274c53ae7
macvlan: do not assume mac_header is set in macvlan_broadcast()
|
| KASAN: use-after-free Read in macvlan_broadcast |
C |
|
done |
7 |
867d |
870d
|
836d |
5f3274c53ae7
macvlan: do not assume mac_header is set in macvlan_broadcast()
|
| WARNING: bad unlock balance in gtp_encap_enable_socket |
C |
|
done |
2 |
868d |
871d
|
838d |
776a81a024e7
gtp: fix bad unlock balance in gtp_encap_enable_socket
|
| BUG: sleeping function called from invalid context in lock_sock_nested |
syz |
|
done |
1 |
873d |
903d
|
840d |
6b544caa07e5
crypto: af_alg - Use bh_lock_sock in sk_destruct
|
| general protection fault in rxrpc_connect_call |
C |
|
done |
285 |
875d |
1039d
|
845d |
792668145b56
rxrpc: Fix lack of conn cleanup when local endpoint is cleaned up [ver #2]
|
| possible deadlock in refcount_dec_and_mutex_lock |
C |
done |
done |
5 |
878d |
934d
|
848d |
e83a26a49356
nbd: fix shutdown and recv work deadlock v2
|
| INFO: rcu detected stall in addrconf_dad_work (2) |
C |
|
done |
1 |
888d |
888d
|
857d |
94ac4a4d938f
pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM
|
| WARNING: refcount bug in cdev_get |
C |
|
done |
12 |
887d |
1013d
|
857d |
f57fd58dda42
bridge/mdb: remove wrong use of NLM_F_MULTI
|
| possible deadlock in __might_fault |
C |
|
done |
385 |
889d |
1139d
|
858d |
3757e3818838
usb: mon: Fix a deadlock in usbmon between mmap and read
|
| INFO: task hung in fsnotify_mark_destroy_workfn |
syz |
|
done |
3 |
891d |
1078d
|
860d |
42a929edf567
rtc: disable uie before setting time and enable after
|
| possible deadlock in mon_bin_vma_fault |
C |
|
done |
375 |
891d |
1140d
|
861d |
3757e3818838
usb: mon: Fix a deadlock in usbmon between mmap and read
|
| WARNING in xfrm6_tunnel_net_exit |
syz |
|
done |
34 |
892d |
1141d
|
862d |
bbbe47463da9
xfrm: destroy xfrm_state synchronously on net exit path
|
| inconsistent lock state in sp_get |
C |
|
done |
1 |
895d |
895d
|
864d |
9b8e63d0a6e8
6pack,mkiss: fix possible deadlock
|
| KASAN: slab-out-of-bounds Read in linear_transfer |
C |
|
done |
2 |
903d |
904d
|
873d |
c6bebccd3c62
ALSA: pcm: oss: Avoid potential buffer overflows
|
| WARNING: refcount bug in kobject_get |
C |
|
done |
21 |
904d |
1133d
|
873d |
e1666bcbae0c
driver core: Fix use-after-free and double free on glue directory
|
| KASAN: use-after-free Read in slip_open |
C |
done |
done |
7 |
904d |
916d
|
873d |
0c6e6ceae72c
slip: Fix use-after-free Read in slip_open
|
| INFO: task hung in vivid_stop_generating_vid_cap |
C |
|
done |
291 |
907d |
1141d
|
876d |
467052f6ea5a
media: vivid: Fix wrong locking that causes race conditions on streaming stop
|
| INFO: task hung in sdr_cap_stop_streaming |
C |
|
done |
152 |
907d |
1141d
|
876d |
467052f6ea5a
media: vivid: Fix wrong locking that causes race conditions on streaming stop
|
| KASAN: use-after-free Read in __vb2_perform_fileio |
C |
|
done |
13 |
907d |
1137d
|
877d |
467052f6ea5a
media: vivid: Fix wrong locking that causes race conditions on streaming stop
|
| KASAN: use-after-free Read in kfree_skb |
C |
|
done |
95 |
911d |
1031d
|
879d |
03bf4876a593
Bluetooth: Fix invalid-free in bcsp_close()
|
| WARNING in __vb2_queue_cancel |
C |
|
done |
11 |
915d |
1126d
|
884d |
467052f6ea5a
media: vivid: Fix wrong locking that causes race conditions on streaming stop
|
| WARNING: suspicious RCU usage in memfd_fcntl |
C |
done |
done |
1879 |
917d |
939d
|
887d |
e4cc9c81e230
memfd: Use radix_tree_deref_slot_protected to avoid the warning.
|
| possible deadlock in ovl_write_iter |
syz |
|
done |
84 |
924d |
1133d
|
888d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| KASAN: use-after-free Read in rxrpc_send_keepalive |
syz |
|
done |
6 |
939d |
1012d
|
889d |
570ab0dd35f9
rxrpc: Fix call ref leak
|
| BUG: corrupted list in p9_fd_cancelled |
syz |
|
done |
2 |
924d |
987d
|
889d |
78a917bea6ed
perf/core: Consistently fail fork on allocation failures
|
| KASAN: use-after-free Read in __lock_sock |
syz |
|
done |
2 |
941d |
941d
|
889d |
51f0c10890aa
libata/ahci: Fix PCS quirk application
|
| WARNING in corrupted |
syz |
|
done |
25 |
961d |
1113d
|
890d |
ed568ca73601
bpf: fix use after free in prog symbol exposure
|
| possible deadlock in io_submit_one |
syz |
|
done |
406 |
963d |
1141d
|
890d |
052b31810085
fs/userfaultfd.c: disable irqs for fault_pending and event locks
|
| WARNING in bpf_jit_free |
syz |
|
done |
293 |
964d |
1141d
|
891d |
ed568ca73601
bpf: fix use after free in prog symbol exposure
|
| KASAN: use-after-free Read in pneigh_get_next |
syz |
|
done |
1 |
1075d |
1075d
|
891d |
103835df6821
neigh: fix use-after-free read in pneigh_get_next
|
| WARNING in ovl_rename |
syz |
|
done |
1 |
1123d |
1123d
|
891d |
f1c5aa5eda08
ovl: detect overlapping layers
|
| kernel BUG at arch/x86/mm/physaddr.c:LINE! |
syz |
|
done |
1 |
1061d |
1061d
|
891d |
4736bb277744
ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL
|
| WARNING in ovl_instantiate |
syz |
|
done |
5 |
1131d |
1136d
|
891d |
f1c5aa5eda08
ovl: detect overlapping layers
|
| WARNING: suspicious RCU usage in llc_sap_close |
C |
|
done |
10 |
930d |
1086d
|
891d |
9a484516a410
llc: avoid blocking in llc_sap_close()
|
| BUG: unable to handle kernel NULL pointer dereference in blk_mq_map_swqueue |
C |
|
done |
12 |
940d |
1125d
|
893d |
9f0f39c92e4f
nbd: fix max number of supported devs
|
| KASAN: null-ptr-deref Write in kvm_write_guest_virt_system |
C |
|
done |
50 |
957d |
975d
|
895d |
3683dd7074dc
crypto: cavium/zip - Add missing single_release()
|
| possible deadlock in free_ioctx_users |
C |
|
done |
77 |
963d |
1086d
|
895d |
5bead06b3443
fuse: fix deadlock with aio poll and fuse_iqueue::waitq.lock
|
| KASAN: use-after-free Read in wait_consider_task |
C |
|
done |
58 |
968d |
977d
|
896d |
4eb92a114834
RDMA/restrack: Protect from reentry to resource return path
|
| WARNING: ODEBUG bug in free_task |
C |
|
done |
165 |
967d |
977d
|
896d |
4eb92a114834
RDMA/restrack: Protect from reentry to resource return path
|
| general protection fault in tcf_action_destroy |
C |
|
done |
15 |
965d |
987d
|
896d |
50dddec689cb
mISDN: enforce CAP_NET_RAW for raw sockets
|
| WARNING: suspicious RCU usage in netem_enqueue |
C |
|
done |
2 |
970d |
974d
|
897d |
195a3ea494d2
net_sched: add max len check for TCA_KIND
|
| KASAN: use-after-free Read in __change_pid |
C |
|
done |
4 |
969d |
977d
|
897d |
4eb92a114834
RDMA/restrack: Protect from reentry to resource return path
|
| possible deadlock in do_io_accounting |
C |
|
done |
4 |
968d |
1080d
|
897d |
f1c5aa5eda08
ovl: detect overlapping layers
|
| KASAN: use-after-free Read in pids_release |
C |
|
done |
7 |
970d |
977d
|
897d |
4eb92a114834
RDMA/restrack: Protect from reentry to resource return path
|
| general protection fault in release_task |
C |
|
done |
3 |
970d |
977d
|
897d |
4eb92a114834
RDMA/restrack: Protect from reentry to resource return path
|
| general protection fault in wait_consider_task |
C |
|
done |
5 |
970d |
975d
|
897d |
4eb92a114834
RDMA/restrack: Protect from reentry to resource return path
|
| INFO: rcu detected stall in netlink_sendmsg |
C |
|
done |
3 |
982d |
987d
|
897d |
a9e91767b921
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
|
| KASAN: use-after-free Read in release_task |
C |
|
done |
2 |
972d |
974d
|
898d |
4eb92a114834
RDMA/restrack: Protect from reentry to resource return path
|
| WARNING in handle_desc |
C |
|
done |
1 |
978d |
978d
|
898d |
21874027e1de
KVM: X86: Fix userspace set invalid CR4
|
| BUG: unable to handle kernel NULL pointer dereference in tc_bind_tclass |
C |
|
done |
18 |
973d |
992d
|
898d |
07f7ec87b5f6
net_sched: check cops->tcf_block in tc_bind_tclass()
|
| general protection fault in qdisc_destroy |
C |
|
done |
9 |
978d |
988d
|
898d |
7a1bad565ceb
net_sched: let qdisc_put() accept NULL pointer
|
| INFO: rcu detected stall in addrconf_dad_work |
C |
|
done |
19 |
979d |
991d
|
900d |
a9e91767b921
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
|
| INFO: rcu detected stall in mld_ifc_timer_expire |
C |
|
done |
33 |
979d |
992d
|
900d |
a9e91767b921
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
|
| INFO: rcu detected stall in br_handle_frame |
C |
|
done |
41 |
980d |
992d
|
900d |
a9e91767b921
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
|
| INFO: task hung in __x64_sys_io_destroy |
C |
|
done |
1 |
980d |
980d
|
900d |
ec2a3681b30c
media: tvp5150: fix switch exit in set control handler
|
| WARNING: refcount bug in hci_register_dev |
C |
|
done |
3 |
986d |
998d
|
902d |
e1666bcbae0c
driver core: Fix use-after-free and double free on glue directory
|
| WARNING in kernfs_get |
C |
|
done |
14 |
986d |
1126d
|
902d |
e1666bcbae0c
driver core: Fix use-after-free and double free on glue directory
|
| general protection fault in kernfs_add_one |
C |
|
done |
8 |
995d |
1134d
|
902d |
e1666bcbae0c
driver core: Fix use-after-free and double free on glue directory
|
| general protection fault in packet_lookup_frame |
C |
|
done |
1 |
1016d |
1016d
|
903d |
154e6bc497c9
net/packet: fix race in tpacket_snd()
|
| WARNING in tty_set_termios |
C |
|
done |
151 |
1025d |
1135d
|
904d |
56966212e23f
Bluetooth: hci_uart: check for missing tty operations
|
| general protection fault in tcf_ife_init |
C |
|
done |
15 |
1024d |
1041d
|
904d |
c4c8899376c2
ife: error out when nla attributes are empty
|
| KASAN: null-ptr-deref Write in kthread_stop |
C |
|
done |
12 |
1024d |
1129d
|
904d |
467052f6ea5a
media: vivid: Fix wrong locking that causes race conditions on streaming stop
|
| general protection fault in rds_recv_rcvbuf_delta |
C |
|
done |
7 |
1031d |
1078d
|
905d |
3de749d6d7ce
net/rds: An rds_sock is added too early to the hash table
|
| INFO: task hung in blkdev_issue_flush |
C |
|
done |
2 |
1058d |
1059d
|
905d |
76cf93f04c3d
hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap'
|
| general protection fault in iptunnel_xmit |
C |
|
done |
2 |
1032d |
1032d
|
905d |
4736bb277744
ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL
|
| WARNING in kernfs_put |
C |
|
done |
1 |
1063d |
1063d
|
906d |
e1666bcbae0c
driver core: Fix use-after-free and double free on glue directory
|
| WARNING in notify_change |
C |
|
done |
12 |
1069d |
1126d
|
906d |
e8e448b08450
Abort file_remove_privs() for non-reg. files
|
| BUG: unable to handle kernel paging request in coalesced_mmio_write |
C |
|
done |
2 |
1068d |
1068d
|
906d |
232a6462f43f
KVM: coalesced_mmio: add bounds checking
|
| possible deadlock in userfaultfd_release |
C |
|
done |
4 |
1069d |
1074d
|
906d |
052b31810085
fs/userfaultfd.c: disable irqs for fault_pending and event locks
|
| possible deadlock in acct_pin_kill |
C |
|
done |
125 |
1099d |
1134d
|
907d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| WARNING in xfrm_state_fini |
C |
|
done |
78 |
1116d |
1140d
|
908d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| WARNING in __flush_work |
C |
|
done |
135 |
1113d |
1119d
|
908d |
af48f7d79fae
drm/udl: Replace drm_dev_unref with drm_dev_put
|
| KASAN: use-after-free Read in get_mem_cgroup_from_mm |
C |
|
done |
6 |
1122d |
1136d
|
908d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| general protection fault in ip6erspan_set_version |
C |
|
done |
7 |
1131d |
1141d
|
908d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| possible deadlock in pipe_lock |
C |
|
done |
2 |
1123d |
1127d
|
908d |
f1c5aa5eda08
ovl: detect overlapping layers
|
| general protection fault in sctp_timeout_obj_to_nlattr |
C |
|
done |
7 |
1136d |
1140d
|
909d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| general protection fault in generic_timeout_obj_to_nlattr |
C |
|
done |
11 |
1136d |
1141d
|
909d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| general protection fault in gre_timeout_obj_to_nlattr |
C |
|
done |
13 |
1136d |
1141d
|
909d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| general protection fault in tcp_timeout_obj_to_nlattr |
C |
|
done |
7 |
1137d |
1139d
|
909d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| general protection fault in icmp_timeout_obj_to_nlattr |
C |
|
done |
3 |
1139d |
1141d
|
909d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| general protection fault in udp_timeout_obj_to_nlattr |
C |
|
done |
8 |
1136d |
1141d
|
909d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| general protection fault in dccp_timeout_obj_to_nlattr |
C |
|
done |
7 |
1136d |
1141d
|
909d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|