| BUG: unable to handle kernel paging request in do_syscall_64 |
C |
|
done |
3 |
34d |
553d
|
2d02h |
6be10fb6c143
fbmem: add margin check to fb_check_caps()
|
| general protection fault in do_syscall_64 (2) |
syz |
|
done |
2 |
33d |
367d
|
2d02h |
6be10fb6c143
fbmem: add margin check to fb_check_caps()
|
| KASAN: use-after-free Read in ip_check_mc_rcu |
syz |
|
done |
7 |
35d |
186d
|
2d02h |
4768973dffed
igmp: Add ip_mc_list lock in ip_check_mc_rcu
|
| KASAN: slab-out-of-bounds Write in decode_data |
C |
|
done |
1 |
36d |
583d
|
6d04h |
4e370cc081a7
net: 6pack: fix slab-out-of-bounds in decode_data
|
| INFO: task hung in do_fb_ioctl (2) |
C |
|
done |
7 |
37d |
452d
|
7d02h |
6be10fb6c143
fbmem: add margin check to fb_check_caps()
|
| BUG: unable to handle kernel paging request in do_csum |
C |
|
done |
1 |
37d |
256d
|
7d02h |
c33471daf276
ip_gre: add validation for csum_start
|
| BUG: unable to handle kernel NULL pointer dereference in __lookup_slow (2) |
C |
|
done |
15 |
47d |
170d
|
14d |
df2f583b6363
reiserfs: add check for root_inode in reiserfs_fill_super
|
| KASAN: use-after-free Read in search_by_entry_key (2) |
C |
|
done |
2 |
47d |
198d
|
17d |
df2f583b6363
reiserfs: add check for root_inode in reiserfs_fill_super
|
| KASAN: use-after-free Read in __queue_work |
syz |
|
done |
5 |
49d |
421d
|
18d |
3719acc161d5
Bluetooth: defer cleanup of resources in hci_unregister_dev()
|
| WARNING in close_fs_devices |
C |
|
done |
105 |
59d |
377d
|
29d |
4c97ed4332be
ocfs2: fix zero out valid data
|
| possible deadlock in cleanup_net |
C |
|
done |
5212 |
60d |
322d
|
29d |
3719acc161d5
Bluetooth: defer cleanup of resources in hci_unregister_dev()
|
| possible deadlock in __sock_release |
C |
|
done |
57446 |
59d |
322d
|
29d |
7d2c0c0516e6
PCI: Leave Apple Thunderbolt controllers on for s2idle or standby
|
| KASAN: use-after-free Write in hci_sock_bind |
C |
|
done |
12 |
65d |
625d
|
33d |
3719acc161d5
Bluetooth: defer cleanup of resources in hci_unregister_dev()
|
| kernel BUG at drivers/dma-buf/dma-buf.c:LINE! |
syz |
|
done |
1 |
63d |
546d
|
33d |
020a44cc54d6
drm: Return -ENOTTY for non-drm ioctls
|
| unexpected kernel reboot |
C |
|
done |
684 |
72d |
848d
|
42d |
da84e8e9290e
KVM: x86: determine if an exception has an error code only when injecting it.
|
| KASAN: use-after-free Read in reservation_object_test_signaled_rcu |
C |
|
done |
4 |
72d |
307d
|
42d |
020a44cc54d6
drm: Return -ENOTTY for non-drm ioctls
|
| BUG: unable to handle kernel paging request in diFree |
C |
|
done |
18 |
72d |
364d
|
42d |
aff8d95b6905
jfs: fix GPF in diFree
|
| KASAN: use-after-free Read in hci_chan_del |
C |
|
done |
24 |
75d |
421d
|
44d |
35113c4c9fa7
bluetooth: eliminate the potential race condition when removing the HCI controller
|
| WARNING in drm_prime_destroy_file_private |
syz |
|
done |
6 |
74d |
265d
|
44d |
020a44cc54d6
drm: Return -ENOTTY for non-drm ioctls
|
| divide error in do_journal_end (2) |
C |
|
done |
4 |
78d |
189d
|
47d |
47b4b8f0d378
reiserfs: add check for invalid 1st journal block
|
| general protection fault in mount_fs |
C |
|
done |
12 |
78d |
309d
|
47d |
5485fe228f97
ext4: return error code when ext4_fill_flex_info() fails
|
| WARNING: suspicious RCU usage in vxlan_xmit |
C |
|
done |
1 |
83d |
83d
|
52d |
f80201ff7937
vxlan: add missing rcu_read_lock() in neigh_reduce()
|
| WARNING in batadv_iv_send_outstanding_bat_ogm_packet |
C |
|
done |
373 |
90d |
705d
|
59d |
e8e9d2968a9d
batman-adv: Avoid WARN_ON timing related checks
|
| general protection fault in ieee802154_llsec_parse_dev_addr |
C |
|
done |
32 |
93d |
212d
|
62d |
00b16396ad26
HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for Saitek X65
|
| KASAN: use-after-free Read in qfq_search_class |
C |
|
done |
2 |
96d |
583d
|
66d |
98fd088c3254
pkt_sched: sch_qfq: fix qfq_change_class() error path
|
| KASAN: use-after-free Read in ntfs_iget (2) |
C |
|
done |
1 |
98d |
98d
|
67d |
00f00f5db888
ntfs: fix validity check for file name attribute
|
| WARNING in sta_apply_parameters |
C |
|
done |
1 |
98d |
324d
|
68d |
25487a5ff100
mac80211: remove warning in ieee80211_get_sband()
|
| WARNING in sta_info_alloc |
C |
|
done |
15 |
101d |
357d
|
70d |
25487a5ff100
mac80211: remove warning in ieee80211_get_sband()
|
| KASAN: null-ptr-deref Write in vhci_shutdown_connection |
syz |
|
done |
498 |
104d |
285d
|
71d |
d42c3ebb3156
can: bcm/raw/isotp: use per module netdevice notifier
|
| WARNING in process_one_work |
C |
|
done |
9 |
106d |
671d
|
76d |
e8e9d2968a9d
batman-adv: Avoid WARN_ON timing related checks
|
| general protection fault in try_to_wake_up |
syz |
|
done |
229 |
106d |
194d
|
76d |
d42c3ebb3156
can: bcm/raw/isotp: use per module netdevice notifier
|
| WARNING: ODEBUG bug in slave_kobj_release |
C |
|
done |
28 |
112d |
288d
|
81d |
f583748c2a4a
bonding: init notify_work earlier to avoid uninitialized use
|
| KASAN: use-after-free Read in drm_getunique |
syz |
|
done |
2 |
125d |
292d
|
94d |
7d233ba700ce
drm: Fix use-after-free read in drm_getunique()
|
| BUG: unable to handle kernel NULL pointer dereference in corrupted |
C |
|
done |
6 |
126d |
707d
|
95d |
93e4ac2a9979
nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect
|
| KASAN: global-out-of-bounds Read in soft_cursor |
C |
|
done |
22 |
126d |
593d
|
96d |
8c5ec4a731e1
vt: Fix character height handling with VT_RESIZEX
|
| KASAN: global-out-of-bounds Read in bit_putcs |
C |
|
done |
214 |
126d |
663d
|
96d |
8c5ec4a731e1
vt: Fix character height handling with VT_RESIZEX
|
| WARNING: ODEBUG bug in cancel_delayed_work |
C |
|
done |
1226 |
129d |
424d
|
96d |
02f681a5e827
Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default
|
| KASAN: use-after-free Read in hci_send_acl |
C |
|
done |
3 |
130d |
421d
|
96d |
75e26178e26f
Bluetooth: verify AMP hci_chan before amp_destroy
|
| KASAN: use-after-free Read in nfc_llcp_sock_unlink |
C |
|
done |
22 |
129d |
167d
|
96d |
48fba458fe54
net/nfc: fix use-after-free llcp_sock_bind/connect
|
| WARNING in hsr_addr_subst_dest |
C |
|
done |
3099 |
129d |
897d
|
96d |
40fa36443db3
hsr: use netdev_err() instead of WARN_ONCE()
|
| KASAN: slab-out-of-bounds Read in soft_cursor (2) |
C |
|
done |
8 |
129d |
251d
|
96d |
8c5ec4a731e1
vt: Fix character height handling with VT_RESIZEX
|
| possible deadlock in tty_port_close_start |
C |
|
done |
47 |
135d |
600d
|
104d |
1f51881e2dcc
ttyprintk: Add TTY hangup callback.
|
| KASAN: null-ptr-deref Read in llcp_sock_getname |
C |
|
|
37 |
138d |
698d
|
110d |
93e4ac2a9979
nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect
|
| kernel BUG in z_erofs_map_blocks_iter |
syz |
|
done |
10 |
150d |
211d
|
120d |
006270aa8f9c
erofs: add unsupported inode i_format check
|
| kernel BUG at fs/inode.c:LINE! (2) |
C |
|
done |
5 |
154d |
293d
|
121d |
006270aa8f9c
erofs: add unsupported inode i_format check
|
| general protection fault in __queue_work |
syz |
|
done |
1 |
154d |
402d
|
121d |
35113c4c9fa7
bluetooth: eliminate the potential race condition when removing the HCI controller
|
| general protection fault in nl802154_del_llsec_devkey |
C |
|
done |
110 |
167d |
227d
|
136d |
22e025c1733b
net: ieee802154: fix nl802154 del llsec devkey
|
| general protection fault in nl802154_add_llsec_key |
C |
|
done |
106 |
167d |
222d
|
136d |
bdd1d2784ad3
net: ieee802154: fix nl802154 add llsec key
|
| general protection fault in nl802154_del_llsec_key |
C |
|
done |
91 |
167d |
220d
|
136d |
79ba55c0e7a7
net: ieee802154: fix nl802154 del llsec key
|
| general protection fault in ieee802154_llsec_parse_key_id |
C |
|
done |
64 |
167d |
218d
|
137d |
5983b9de012e
net: ieee802154: nl-mac: fix check on panid
|
| WARNING in cfg80211_connect |
C |
|
done |
336 |
167d |
362d
|
137d |
ee1a5262eb01
cfg80211: remove WARN_ON() in cfg80211_sme_connect
|
| general protection fault in nl802154_del_llsec_dev |
C |
|
done |
70 |
169d |
225d
|
138d |
3fe0c0485a29
net: ieee802154: fix nl802154 del llsec dev
|
| general protection fault in crypto_destroy_tfm |
syz |
|
done |
12 |
170d |
214d
|
139d |
b58bb4eaa0c2
drivers: net: fix memory leak in peak_usb_create_dev
|
| BUG: sleeping function called from invalid context in htb_destroy |
C |
|
done |
2 |
189d |
710d
|
159d |
66f6f4094ff2
net: sched: validate stab values
|
| possible deadlock in red_change |
C |
|
done |
10 |
190d |
431d
|
160d |
66f6f4094ff2
net: sched: validate stab values
|
| BUG: unable to handle kernel NULL pointer dereference in __lookup_slow |
C |
|
done |
23 |
203d |
361d
|
171d |
b8590c82b3cc
reiserfs: add check for an invalid ih_entry_count
|
| WARNING in ext4_xattr_set_entry |
C |
|
done |
12 |
204d |
338d
|
174d |
a8fb57ec924f
ext4: do not try to set xattr into ea_inode if value is empty
|
| BUG: unable to handle kernel NULL pointer dereference in amp_read_loc_assoc_final_data |
C |
|
done |
114 |
208d |
424d
|
174d |
99c2c8b009c4
Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data
|
| KASAN: use-after-free Read in skb_dequeue |
syz |
|
done |
1 |
216d |
420d
|
182d |
c1a77dbcaa2d
btrfs: raid56: simplify tracking of Q stripe presence
|
| KASAN: use-after-free Read in ntfs_iget |
C |
|
done |
1 |
215d |
275d
|
182d |
23e895868b51
ntfs: check for valid standard information attribute
|
| KASAN: use-after-free Read in ntfs_read_locked_inode |
C |
|
done |
2 |
218d |
368d
|
188d |
23e895868b51
ntfs: check for valid standard information attribute
|
| kernel BUG in pfkey_send_acquire |
C |
|
done |
56 |
224d |
253d
|
194d |
fa137b50f326
block: split .sysfs_lock into two locks
|
| general protection fault in ioctl_standard_call |
C |
|
done |
23 |
228d |
342d
|
197d |
3f33e522a07f
wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
|
| KASAN: slab-out-of-bounds Read in squashfs_export_iget |
C |
|
done |
5 |
240d |
340d
|
209d |
a6f933a30363
squashfs: add more sanity checks in inode lookup
|
| general protection fault in ieee80211_subif_start_xmit |
C |
|
done |
4 |
244d |
285d
|
210d |
b26b5e086157
mac80211: pause TX while changing interface type
|
| UBSAN: undefined-behaviour in tcindex_set_parms |
C |
|
done |
39 |
256d |
371d
|
218d |
22c1b22672f3
net_sched: avoid shift-out-of-bounds in tcindex_set_parms()
|
| kernel BUG at fs/reiserfs/prints.c:LINE! |
C |
|
done |
5 |
266d |
357d
|
218d |
b8590c82b3cc
reiserfs: add check for an invalid ih_entry_count
|
| KASAN: use-after-free Read in search_by_entry_key |
C |
|
done |
1 |
266d |
356d
|
220d |
b8590c82b3cc
reiserfs: add check for an invalid ih_entry_count
|
| KASAN: slab-out-of-bounds Read in squashfs_get_id |
C |
|
|
58 |
225d |
369d
|
220d |
e5099c0e851a
squashfs: add more sanity checks in id lookup
|
| KASAN: use-after-free Read in squashfs_get_id |
C |
|
|
3 |
264d |
318d
|
220d |
e5099c0e851a
squashfs: add more sanity checks in id lookup
|
| KASAN: use-after-free Read in tls_write_space |
C |
|
done |
25 |
272d |
897d
|
242d |
d71f3fb99620
net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails
|
| divide error in do_journal_end |
C |
|
done |
2 |
274d |
334d
|
244d |
b8590c82b3cc
reiserfs: add check for an invalid ih_entry_count
|
| general protection fault in dqput |
C |
|
done |
2 |
275d |
288d
|
244d |
7bae84821b47
quota: Sanity-check quota file headers on load
|
| WARNING in md_ioctl |
C |
|
done |
199 |
275d |
892d
|
244d |
b85abab5913d
md: fix a warning caused by a race between concurrent md_ioctl()s
|
| general protection fault in hci_phy_link_complete_evt |
C |
|
done |
28 |
279d |
422d
|
248d |
abae100355c0
Bluetooth: Fix null pointer dereference in hci_event_packet()
|
| KASAN: use-after-free Read in leaf_paste_entries |
C |
|
done |
1 |
282d |
282d
|
251d |
b8590c82b3cc
reiserfs: add check for an invalid ih_entry_count
|
| general protection fault in hci_event_packet |
C |
|
done |
3 |
283d |
349d
|
253d |
abae100355c0
Bluetooth: Fix null pointer dereference in hci_event_packet()
|
| KASAN: slab-out-of-bounds Read in hci_le_meta_evt |
C |
|
done |
12 |
283d |
424d
|
253d |
61490c481c61
Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt()
|
| KASAN: use-after-free Read in reiserfs_read_locked_inode |
C |
|
done |
4 |
286d |
368d
|
256d |
b8590c82b3cc
reiserfs: add check for an invalid ih_entry_count
|
| INFO: task hung in rdma_destroy_id |
C |
|
done |
2 |
287d |
317d
|
256d |
014133611851
usb: uas: Add PNY USB Portable SSD to unusual_uas
|
| INFO: task hung in do_read_cache_page |
C |
|
done |
2 |
288d |
348d
|
258d |
8e63266b0d42
fcntl: Fix potential deadlock in send_sig{io, urg}()
|
| BUG: unable to handle kernel paging request in dquot_add_space |
C |
|
done |
1 |
290d |
350d
|
258d |
7bae84821b47
quota: Sanity-check quota file headers on load
|
| BUG: unable to handle kernel paging request in dqput |
C |
|
done |
8 |
289d |
358d
|
258d |
7bae84821b47
quota: Sanity-check quota file headers on load
|
| general protection fault in gfs2_ri_update |
C |
|
done |
28 |
294d |
370d
|
262d |
6790f8b9370b
gfs2: check for empty rgrp tree in gfs2_ri_update
|
| KASAN: use-after-free Write in sco_chan_del |
C |
|
done |
10 |
297d |
421d
|
266d |
abae100355c0
Bluetooth: Fix null pointer dereference in hci_event_packet()
|
| KASAN: use-after-free Read in btrfs_scan_one_device |
C |
|
done |
43 |
301d |
376d
|
271d |
aec62fa475af
btrfs: don't access possibly stale fs_info data for printing duplicate device
|
| BUG: sleeping function called from invalid context in corrupted |
C |
|
done |
2 |
308d |
309d
|
277d |
499b109be688
mac80211: free sta in sta_info_insert_finish() on errors
|
| BUG: sleeping function called from invalid context in sta_info_move_state |
C |
|
done |
760 |
308d |
310d
|
277d |
499b109be688
mac80211: free sta in sta_info_insert_finish() on errors
|
| KASAN: slab-out-of-bounds Read in ntfs_attr_find |
C |
|
done |
10 |
309d |
366d
|
279d |
dff5d7741195
ntfs: add check for mft record size in superblock
|
| general protection fault in rose_send_frame |
C |
|
done |
5 |
313d |
891d
|
279d |
731b9890a7f1
rose: Fix Null pointer dereference in rose_send_frame()
|
| KASAN: slab-out-of-bounds Read in soft_cursor |
C |
|
done |
61 |
327d |
665d
|
296d |
3e1600cc10df
ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled
|
| KASAN: use-after-free Read in debugfs_remove |
C |
|
done |
15 |
331d |
828d
|
301d |
8a78b4c0d629
blktrace: fix debugfs use after free
|
| UBSAN: undefined-behaviour in init_sb |
C |
|
done |
2 |
334d |
366d
|
303d |
6a253f385a2d
gfs2: add validation checks for size of superblock
|
| WARNING in unlock_new_inode |
C |
|
done |
66 |
333d |
372d
|
303d |
7a1e074bc18d
reiserfs: only call unlock_new_inode() if I_NEW
|
| KASAN: use-after-free Read in tipc_mcast_xmit |
C |
|
done |
3 |
334d |
358d
|
304d |
26217e062f97
tipc: fix the skb_unshare() in tipc_buf_append()
|
| KASAN: global-out-of-bounds Read in fb_pad_aligned_buffer |
C |
|
done |
5 |
335d |
660d
|
304d |
6612b754ac0c
vt: Disable KD_FONT_OP_COPY
|
| KASAN: use-after-free Read in ntfs_attr_find |
C |
|
done |
13 |
335d |
366d
|
305d |
dff5d7741195
ntfs: add check for mft record size in superblock
|
| divide error in tabledist |
C |
|
done |
3 |
345d |
702d
|
315d |
95ba2236b8e6
netem: fix zero division in tabledist
|
| general protection fault in qp_release_pages |
C |
|
done |
4 |
346d |
348d
|
315d |
0b02a4325780
VMCI: check return value of get_user_pages_fast() for errors
|
| UBSAN: undefined-behaviour in tabledist |
C |
|
done |
2 |
354d |
354d
|
322d |
95ba2236b8e6
netem: fix zero division in tabledist
|
| KASAN: global-out-of-bounds Read in fbcon_get_font |
C |
|
done |
47 |
353d |
665d
|
322d |
43198a5b1c42
fbcon: Fix global-out-of-bounds read in fbcon_get_font()
|
| KASAN: slab-out-of-bounds Read in fbcon_get_font |
C |
|
done |
97 |
357d |
665d
|
327d |
1221d11e5c35
vt_ioctl: change VT_RESIZEX ioctl to check for error return from vc_resize()
|
| general protection fault in get_unique_tuple |
C |
|
done |
33 |
358d |
619d
|
327d |
289fe546ea16
netfilter: ctnetlink: add a range check for l3/l4 protonum
|
| general protection fault in nf_nat_setup_info |
C |
|
done |
22 |
362d |
453d
|
332d |
289fe546ea16
netfilter: ctnetlink: add a range check for l3/l4 protonum
|
| KASAN: use-after-free Read in soft_cursor |
C |
|
done |
16 |
367d |
664d
|
336d |
76fe92986c5c
fbcon: Fix user font detection test at fbcon_resize().
|
| KASAN: global-out-of-bounds Read in get_unique_tuple |
C |
|
done |
1 |
367d |
608d
|
337d |
289fe546ea16
netfilter: ctnetlink: add a range check for l3/l4 protonum
|
| KASAN: global-out-of-bounds Read in fbcon_resize |
C |
|
done |
286 |
370d |
390d
|
339d |
76fe92986c5c
fbcon: Fix user font detection test at fbcon_resize().
|
| general protection fault in __sock_release |
syz |
|
done |
8 |
384d |
396d
|
354d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| WARNING in snd_pcm_plugin_build_mulaw |
C |
|
done |
2 |
386d |
396d
|
355d |
569e1b621797
ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check
|
| KASAN: use-after-free Read in seq_release_private |
syz |
|
done |
1 |
385d |
385d
|
355d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| WARNING: ODEBUG bug in get_signal |
syz |
|
done |
3 |
387d |
397d
|
356d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| WARNING in snd_pcm_drop |
syz |
|
done |
1 |
388d |
388d
|
356d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| WARNING: ODEBUG bug in exit_to_usermode_loop |
syz |
|
done |
2 |
387d |
389d
|
356d |
dff6a2c2828b
nvmet-fc: Fix a missed _irqsave version of spin_lock in 'nvmet_fc_fod_op_done()'
|
| general protection fault in tty_release |
C |
|
done |
9 |
388d |
395d
|
358d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: use-after-free Write in __sock_release |
syz |
|
done |
1 |
389d |
389d
|
359d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: use-after-free Read in locks_remove_file |
syz |
|
done |
4 |
389d |
397d
|
359d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: use-after-free Read in cuse_channel_release |
syz |
|
done |
1 |
391d |
391d
|
359d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: use-after-free Read in __fput |
syz |
|
done |
1 |
391d |
391d
|
360d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: use-after-free Write in ex_handler_refcount |
C |
|
done |
11 |
391d |
599d
|
361d |
29e1dfcd5150
Bluetooth: add a mutex lock to avoid UAF in do_enale_set
|
| kernel BUG at include/linux/fs.h:LINE! |
syz |
|
done |
1 |
391d |
391d
|
361d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: use-after-free Read in snd_pcm_oss_release |
syz |
|
done |
1 |
391d |
391d
|
361d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| kernel BUG at fs/inode.c:LINE! |
syz |
|
done |
2 |
392d |
421d
|
361d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: invalid-free in vcs_release |
syz |
|
done |
1 |
392d |
392d
|
362d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: use-after-free Read in fbcon_cursor |
syz |
|
done |
4 |
393d |
653d
|
363d |
770adb5d2b8e
fbcon: remove soft scrollback code
|
| BUG: corrupted list in mousedev_release |
syz |
|
done |
1 |
393d |
393d
|
363d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| KASAN: use-after-free Read in eventfd_release |
syz |
|
done |
1 |
395d |
395d
|
364d |
37d933e8b41b
fix regression in "epoll: Keep a reference on files added to the check list"
|
| INFO: trying to register non-static key in uhid_char_release |
C |
|
done |
3 |
395d |
417d
|
364d |
abae259fdccc
HID: core: Correctly handle ReportSize being zero
|
| WARNING in corrupted (2) |
C |
|
done |
1 |
396d |
396d
|
365d |
569e1b621797
ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check
|
| INFO: trying to register non-static key in uhid_dev_destroy |
C |
|
done |
14 |
403d |
571d
|
373d |
abae259fdccc
HID: core: Correctly handle ReportSize being zero
|
| KASAN: slab-out-of-bounds Read in vcs_scr_readw |
C |
|
inconclusive |
80 |
655d |
665d
|
375d |
627f3b9e4dd8
vcs: prevent write access to vcsu devices
|
| WARNING in inc_nlink |
C |
|
done |
8 |
405d |
554d
|
375d |
169f7f37bd6b
fs/minix: don't allow getting deleted inodes
|
| BUG: unable to handle kernel NULL pointer dereference in get_block |
C |
|
done |
60 |
409d |
560d
|
378d |
954fc7da99a9
fs/minix: reject too-large maximum file size
|
| KASAN: slab-out-of-bounds Read in get_block |
C |
|
done |
3 |
412d |
528d
|
381d |
954fc7da99a9
fs/minix: reject too-large maximum file size
|
| KASAN: use-after-free Read in get_block |
C |
|
done |
6 |
412d |
544d
|
382d |
954fc7da99a9
fs/minix: reject too-large maximum file size
|
| KASAN: slab-out-of-bounds Read in hci_event_packet |
C |
|
done |
15 |
413d |
622d
|
382d |
8c4a649c20fe
Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
|
| KASAN: slab-out-of-bounds Read in bacpy |
C |
|
done |
3 |
418d |
880d
|
384d |
8c4a649c20fe
Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
|
| KASAN: slab-out-of-bounds Read in hci_extended_inquiry_result_evt |
C |
|
done |
6 |
416d |
450d
|
384d |
8c4a649c20fe
Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
|
| KASAN: null-ptr-deref Read in drm_dp_aux_dev_get_by_minor |
C |
|
done |
1 |
417d |
477d
|
384d |
954fc7da99a9
fs/minix: reject too-large maximum file size
|
| KASAN: slab-out-of-bounds Read in hci_inquiry_result_with_rssi_evt |
C |
|
done |
4 |
416d |
445d
|
384d |
48f70ecd6a22
Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt()
|
| KASAN: use-after-free Read in l2cap_chan_close |
C |
|
done |
8 |
417d |
599d
|
384d |
29e1dfcd5150
Bluetooth: add a mutex lock to avoid UAF in do_enale_set
|
| BUG: unable to handle kernel NULL pointer dereference in do_syscall_64 (2) |
C |
|
done |
4 |
421d |
434d
|
390d |
dd58bd1b95b7
fbdev: Detect integer underflow at "struct fbcon_ops"->clear_margins.
|
| divide error in fbcon_switch |
C |
|
done |
259 |
426d |
665d
|
391d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
| general protection fault in do_con_write |
C |
|
done |
3008 |
426d |
665d
|
391d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
| kernel BUG at fs/buffer.c:LINE! |
syz |
|
done |
23 |
422d |
875d
|
391d |
954fc7da99a9
fs/minix: reject too-large maximum file size
|
| general protection fault in free_netdev |
C |
|
done |
99 |
424d |
454d
|
391d |
abcf95e000b4
ip6_gre: fix null-ptr-deref in ip6gre_init_net()
|
| BUG: unable to handle kernel paging request in do_con_trol |
C |
|
done |
36 |
426d |
659d
|
395d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
| WARNING in snd_info_get_line |
C |
|
done |
23 |
426d |
439d
|
395d |
0c9d4b18bb8a
ALSA: info: Drop WARN_ON() from buffer NULL sanity check
|
| BUG: unable to handle kernel paging request in insert_char |
C |
|
done |
46 |
440d |
660d
|
410d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
| INFO: task hung in __flush_work |
syz |
|
done |
6 |
441d |
891d
|
411d |
af224c2eeda2
net/9p: validate fds in p9_fd_open
|
| KASAN: null-ptr-deref Read in do_con_trol |
C |
|
done |
1 |
442d |
592d
|
411d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
| KASAN: null-ptr-deref Read in insert_char |
C |
|
done |
3 |
442d |
637d
|
412d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
| KASAN: user-memory-access Read in insert_char |
C |
|
done |
2 |
444d |
657d
|
414d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
| BUG: unable to handle kernel paging request in csi_J |
C |
|
done |
3 |
453d |
621d
|
422d |
74752b81eae8
vt: Reject zero-sized screen buffer size.
|
| BUG: unable to handle kernel NULL pointer dereference in generic_perform_write (2) |
C |
|
done |
1 |
464d |
554d
|
434d |
5dbb625573ab
ext4: avoid race conditions when remounting with options that change dax
|
| WARNING in enqueue_task_dl |
syz |
|
done |
1 |
472d |
801d
|
441d |
edf55b5e3bde
sched/deadline: Initialize ->dl_boosted
|
| general protection fault in batadv_iv_ogm_schedule_buff |
|
|
|
6 |
560d |
615d
|
446d |
bf0ef794e197
batman-adv: Don't schedule OGM for disabled interface
|
| general protection fault in fq_codel_enqueue |
C |
|
done |
5 |
494d |
522d
|
464d |
8920e8ae16a8
net: check untrusted gso_size at kernel entry
|
| kernel BUG at arch/x86/mm/physaddr.c:LINE! (2) |
C |
|
done |
82 |
494d |
635d
|
464d |
a3da2984a40b
vt: fix unicode console freeing with a common interface
|
| INFO: trying to register non-static key in hci_uart_flush |
syz |
|
done |
4 |
499d |
743d
|
469d |
8efa59fc90a5
netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build
|
| KASAN: use-after-free Write in snd_rawmidi_kernel_write1 |
C |
|
done |
1 |
501d |
531d
|
470d |
a507658fdb2a
ALSA: rawmidi: Fix racy buffer resize under concurrent accesses
|
| KASAN: null-ptr-deref Write in choke_reset |
C |
|
done |
236 |
502d |
527d
|
472d |
1733fe42d94c
USB: serial: garmin_gps: add sanity checking for data length
|
| KASAN: use-after-free Read in rdma_listen |
syz |
|
done |
143 |
533d |
845d
|
503d |
abc4ea7f1345
RDMA/ucma: Put a lock around every call to the rdma_cm layer
|
| KASAN: use-after-free Read in cma_cancel_operation |
C |
|
done |
6 |
545d |
695d
|
515d |
abc4ea7f1345
RDMA/ucma: Put a lock around every call to the rdma_cm layer
|
| WARNING in geneve_exit_batch_net |
C |
|
done |
2 |
547d |
592d
|
517d |
2c1a05e91fc6
geneve: move debug check after netdev unregister
|
| WARNING: ODEBUG bug in rfcomm_dev_ioctl |
C |
|
done |
1 |
549d |
549d
|
518d |
78a4ad28608a
Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
|
| KASAN: use-after-free Write in release_tty |
C |
|
done |
148 |
548d |
665d
|
518d |
54584f79579b
vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
|
| WARNING: ODEBUG bug in route4_change |
C |
|
done |
28 |
552d |
572d
|
522d |
ea3d6652c240
net_sched: cls_route: remove the right filter from hashtable
|
| WARNING: refcount bug in sock_wfree |
C |
done |
done |
1 |
555d |
676d
|
525d |
6ce6aea362d4
sctp: fix refcount bug in sctp_wfree
|
| KASAN: use-after-free Read in tty_open |
C |
|
done |
2 |
559d |
665d
|
529d |
54584f79579b
vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
|
| BUG: unable to handle kernel paging request in init_srcu_struct_fields |
syz |
|
done |
3 |
560d |
758d
|
529d |
e36be7959326
usbip: tools: Fix read_usb_vudc_device() error path handling
|
| KASAN: slab-out-of-bounds Read in selinux_xfrm_alloc_user |
C |
|
done |
3 |
561d |
566d
|
530d |
0a7b397c0133
xfrm: add the missing verify_sec_ctx_len check in xfrm_add_acquire
|
| WARNING: ODEBUG bug in rfcomm_dlc_free |
C |
|
done |
21 |
562d |
793d
|
532d |
78a4ad28608a
Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
|
| KASAN: slab-out-of-bounds Write in tcindex_set_parms |
C |
|
done |
2 |
566d |
566d
|
534d |
557d015ffb27
net_sched: keep alloc_hash updated after hash allocation
|
| KASAN: use-after-free Write in tcindex_set_parms |
C |
|
done |
3 |
565d |
569d
|
534d |
557d015ffb27
net_sched: keep alloc_hash updated after hash allocation
|
| possible deadlock in ovl_write_iter (2) |
syz |
|
done |
2 |
568d |
568d
|
537d |
eae6b4a4d7f8
USB: Disable LPM on WD19's Realtek Hub
|
| KASAN: use-after-free Read in n_tty_receive_buf_common |
C |
|
done |
40 |
569d |
664d
|
538d |
b4492f1e7456
vt: selection, push sel_lock up
|
| inconsistent lock state in rxrpc_put_client_connection_id |
C |
|
done |
89 |
577d |
594d
|
547d |
43cac315bec1
rxrpc: Fix call RCU cleanup using non-bh-safe locks
|
| KASAN: use-after-free Read in ext4_xattr_set_entry |
syz |
|
done |
10 |
577d |
825d
|
547d |
cb1702c403ad
ext4: validate the debug_want_extra_isize mount option at parse time
|
| inconsistent lock state in rxrpc_put_client_conn |
C |
|
done |
6584 |
577d |
594d
|
547d |
43cac315bec1
rxrpc: Fix call RCU cleanup using non-bh-safe locks
|
| kernel BUG at net/rxrpc/local_object.c:LINE! |
C |
|
done |
13912 |
579d |
790d
|
549d |
792668145b56
rxrpc: Fix lack of conn cleanup when local endpoint is cleaned up [ver #2]
|
| general protection fault in selinux_socket_sendmsg |
C |
|
done |
36 |
580d |
760d
|
550d |
43cac315bec1
rxrpc: Fix call RCU cleanup using non-bh-safe locks
|
| INFO: task hung in paste_selection |
C |
|
done |
10 |
581d |
656d
|
551d |
b4492f1e7456
vt: selection, push sel_lock up
|
| INFO: task hung in htable_put |
C |
|
done |
8 |
583d |
629d
|
552d |
acbc5071f073
netfilter: xt_hashlimit: limit the max size of hashtable
|
| kernel BUG at fs/reiserfs/lock.c:LINE! (2) |
C |
|
done |
2 |
586d |
586d
|
555d |
ef3d73fe8836
reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling
|
| INFO: task hung in drain_all_pages |
C |
|
done |
1 |
586d |
616d
|
556d |
8541452acba5
s390/mm: Explicitly compare PAGE_DEFAULT_KEY against zero in storage_key_init_range
|
| KASAN: stack-out-of-bounds Write in ax25_getname |
C |
|
done |
4 |
590d |
886d
|
559d |
ad598a48fe61
vhost: Check docket sk_family instead of call getname
|
| INFO: task hung in hashlimit_mt_check_common |
C |
|
done |
3 |
593d |
608d
|
561d |
acbc5071f073
netfilter: xt_hashlimit: limit the max size of hashtable
|
| INFO: task hung in tty_ldisc_hangup |
C |
|
done |
10 |
592d |
660d
|
561d |
b4492f1e7456
vt: selection, push sel_lock up
|
| general protection fault in padata_reorder |
C |
|
done |
90 |
591d |
594d
|
561d |
cad926f70b5a
padata: fix null pointer deref of pd->pinst
|
| KASAN: slab-out-of-bounds Read in tcf_exts_destroy |
C |
|
done |
1 |
595d |
712d
|
565d |
478c4b2ffd44
net_sched: fix an OOB access in cls_tcindex
|
| BUG: sleeping function called from invalid context in tpk_write |
C |
|
done |
30 |
601d |
662d
|
570d |
fb56687038cf
ttyprintk: fix a potential deadlock in interrupt context issue
|
| general protection fault in path_openat |
C |
|
done |
13 |
601d |
607d
|
571d |
8d7a5100e29d
vfs: fix do_last() regression
|
| KASAN: slab-out-of-bounds Read in __nla_put_nohdr |
C |
|
done |
1 |
608d |
608d
|
577d |
66ac8ee96faa
net_sched: fix datalen for ematch
|
| general protection fault in nft_chain_parse_hook |
C |
|
done |
5 |
608d |
620d
|
577d |
1f7a1bcd27c3
netfilter: nf_tables: add __nft_chain_type_get()
|
| WARNING in cbq_destroy_class |
C |
|
done |
1 |
613d |
613d
|
582d |
9f7a32834b62
net_sched: fix ops->bind_class() implementations
|
| KASAN: slab-out-of-bounds Write in setup_udp_tunnel_sock |
C |
|
done |
1 |
614d |
614d
|
584d |
d3b5ecceea7d
gtp: make sure only SOCK_DGRAM UDP sockets are accepted
|
| KASAN: use-after-free Read in snd_timer_resolution |
C |
|
done |
2 |
618d |
618d
|
587d |
20f2e4c228c7
ALSA: seq: Fix racy access for queue timer in proc read
|
| KASAN: use-after-free Read in tcp_check_sack_reordering |
C |
|
done |
1 |
617d |
617d
|
587d |
fb56687038cf
ttyprintk: fix a potential deadlock in interrupt context issue
|
| general protection fault in xt_rateest_put |
C |
|
done |
10 |
618d |
621d
|
588d |
e3282417b91c
netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct
|
| BUG: corrupted list in nf_tables_commit |
C |
|
done |
2 |
621d |
621d
|
590d |
8260ce5aeee4
netfilter: nf_tables: fix flowtable list del corruption
|
| WARNING in nft_request_module |
C |
|
done |
1 |
621d |
621d
|
590d |
1632efb3553b
netfilter: nf_tables: remove WARN and add NLA_STRING upper limits
|
| general protection fault in nft_tunnel_get_init |
C |
|
done |
1 |
621d |
621d
|
590d |
6de941ce70cd
netfilter: nft_tunnel: fix null-attribute check
|
| general protection fault in nf_ct_netns_do_get |
C |
|
done |
11 |
625d |
640d
|
592d |
46abb2a5cd2f
netfilter: arp_tables: init netns pointer in xt_tgchk_param struct
|
| KASAN: use-after-free Write in __alloc_skb |
C |
|
done |
2 |
625d |
693d
|
594d |
be1a2be7a7b0
net: rtnetlink: validate IFLA_MTU attribute in rtnl_create_link()
|
| general protection fault in xt_rateest_tg_checkentry |
C |
|
done |
12 |
625d |
641d
|
595d |
e3282417b91c
netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct
|
| KASAN: slab-out-of-bounds Read in macvlan_broadcast |
C |
|
done |
10 |
626d |
631d
|
595d |
5f3274c53ae7
macvlan: do not assume mac_header is set in macvlan_broadcast()
|
| KASAN: use-after-free Read in macvlan_broadcast |
C |
|
done |
7 |
628d |
631d
|
597d |
5f3274c53ae7
macvlan: do not assume mac_header is set in macvlan_broadcast()
|
| WARNING: bad unlock balance in gtp_encap_enable_socket |
C |
|
done |
2 |
629d |
631d
|
599d |
776a81a024e7
gtp: fix bad unlock balance in gtp_encap_enable_socket
|
| BUG: sleeping function called from invalid context in lock_sock_nested |
syz |
|
done |
1 |
633d |
663d
|
601d |
6b544caa07e5
crypto: af_alg - Use bh_lock_sock in sk_destruct
|
| general protection fault in rxrpc_connect_call |
C |
|
done |
285 |
636d |
800d
|
605d |
792668145b56
rxrpc: Fix lack of conn cleanup when local endpoint is cleaned up [ver #2]
|
| possible deadlock in refcount_dec_and_mutex_lock |
C |
done |
done |
5 |
639d |
695d
|
608d |
e83a26a49356
nbd: fix shutdown and recv work deadlock v2
|
| INFO: rcu detected stall in addrconf_dad_work (2) |
C |
|
done |
1 |
648d |
648d
|
617d |
94ac4a4d938f
pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM
|
| WARNING: refcount bug in cdev_get |
C |
|
done |
12 |
648d |
773d
|
617d |
f57fd58dda42
bridge/mdb: remove wrong use of NLM_F_MULTI
|
| possible deadlock in __might_fault |
C |
|
done |
385 |
649d |
900d
|
618d |
3757e3818838
usb: mon: Fix a deadlock in usbmon between mmap and read
|
| INFO: task hung in fsnotify_mark_destroy_workfn |
syz |
|
done |
3 |
651d |
839d
|
621d |
42a929edf567
rtc: disable uie before setting time and enable after
|
| possible deadlock in mon_bin_vma_fault |
C |
|
done |
375 |
652d |
901d
|
621d |
3757e3818838
usb: mon: Fix a deadlock in usbmon between mmap and read
|
| WARNING in xfrm6_tunnel_net_exit |
syz |
|
done |
34 |
653d |
901d
|
622d |
bbbe47463da9
xfrm: destroy xfrm_state synchronously on net exit path
|
| inconsistent lock state in sp_get |
C |
|
done |
1 |
656d |
656d
|
625d |
9b8e63d0a6e8
6pack,mkiss: fix possible deadlock
|
| KASAN: slab-out-of-bounds Read in linear_transfer |
C |
|
done |
2 |
664d |
664d
|
633d |
c6bebccd3c62
ALSA: pcm: oss: Avoid potential buffer overflows
|
| WARNING: refcount bug in kobject_get |
C |
|
done |
21 |
664d |
893d
|
634d |
e1666bcbae0c
driver core: Fix use-after-free and double free on glue directory
|
| KASAN: use-after-free Read in slip_open |
C |
done |
done |
7 |
665d |
676d
|
634d |
0c6e6ceae72c
slip: Fix use-after-free Read in slip_open
|
| INFO: task hung in vivid_stop_generating_vid_cap |
C |
|
done |
291 |
667d |
901d
|
637d |
467052f6ea5a
media: vivid: Fix wrong locking that causes race conditions on streaming stop
|
| INFO: task hung in sdr_cap_stop_streaming |
C |
|
done |
152 |
667d |
901d
|
637d |
467052f6ea5a
media: vivid: Fix wrong locking that causes race conditions on streaming stop
|
| KASAN: use-after-free Read in __vb2_perform_fileio |
C |
|
done |
13 |
668d |
898d
|
637d |
467052f6ea5a
media: vivid: Fix wrong locking that causes race conditions on streaming stop
|
| KASAN: use-after-free Read in kfree_skb |
C |
|
done |
95 |
672d |
792d
|
640d |
03bf4876a593
Bluetooth: Fix invalid-free in bcsp_close()
|
| WARNING in __vb2_queue_cancel |
C |
|
done |
11 |
675d |
887d
|
645d |
467052f6ea5a
media: vivid: Fix wrong locking that causes race conditions on streaming stop
|
| WARNING: suspicious RCU usage in memfd_fcntl |
C |
done |
done |
1879 |
677d |
700d
|
647d |
e4cc9c81e230
memfd: Use radix_tree_deref_slot_protected to avoid the warning.
|
| possible deadlock in ovl_write_iter |
syz |
|
done |
84 |
684d |
894d
|
649d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| KASAN: use-after-free Read in rxrpc_send_keepalive |
syz |
|
done |
6 |
699d |
773d
|
649d |
570ab0dd35f9
rxrpc: Fix call ref leak
|
| BUG: corrupted list in p9_fd_cancelled |
syz |
|
done |
2 |
685d |
748d
|
649d |
78a917bea6ed
perf/core: Consistently fail fork on allocation failures
|
| KASAN: use-after-free Read in __lock_sock |
syz |
|
done |
2 |
701d |
701d
|
650d |
51f0c10890aa
libata/ahci: Fix PCS quirk application
|
| WARNING in corrupted |
syz |
|
done |
25 |
722d |
874d
|
650d |
ed568ca73601
bpf: fix use after free in prog symbol exposure
|
| possible deadlock in io_submit_one |
syz |
|
done |
406 |
724d |
901d
|
651d |
052b31810085
fs/userfaultfd.c: disable irqs for fault_pending and event locks
|
| WARNING in bpf_jit_free |
syz |
|
done |
293 |
724d |
901d
|
651d |
ed568ca73601
bpf: fix use after free in prog symbol exposure
|
| KASAN: use-after-free Read in pneigh_get_next |
syz |
|
done |
1 |
835d |
835d
|
652d |
103835df6821
neigh: fix use-after-free read in pneigh_get_next
|
| WARNING in ovl_rename |
syz |
|
done |
1 |
884d |
884d
|
652d |
f1c5aa5eda08
ovl: detect overlapping layers
|
| kernel BUG at arch/x86/mm/physaddr.c:LINE! |
syz |
|
done |
1 |
822d |
822d
|
652d |
4736bb277744
ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL
|
| WARNING in ovl_instantiate |
syz |
|
done |
5 |
892d |
896d
|
652d |
f1c5aa5eda08
ovl: detect overlapping layers
|
| WARNING: suspicious RCU usage in llc_sap_close |
C |
|
done |
10 |
691d |
846d
|
652d |
9a484516a410
llc: avoid blocking in llc_sap_close()
|
| BUG: unable to handle kernel NULL pointer dereference in blk_mq_map_swqueue |
C |
|
done |
12 |
701d |
885d
|
654d |
9f0f39c92e4f
nbd: fix max number of supported devs
|
| KASAN: null-ptr-deref Write in kvm_write_guest_virt_system |
C |
|
done |
50 |
718d |
736d
|
656d |
3683dd7074dc
crypto: cavium/zip - Add missing single_release()
|
| possible deadlock in free_ioctx_users |
C |
|
done |
77 |
724d |
846d
|
656d |
5bead06b3443
fuse: fix deadlock with aio poll and fuse_iqueue::waitq.lock
|
| KASAN: use-after-free Read in wait_consider_task |
C |
|
done |
58 |
728d |
738d
|
657d |
4eb92a114834
RDMA/restrack: Protect from reentry to resource return path
|
| WARNING: ODEBUG bug in free_task |
C |
|
done |
165 |
728d |
738d
|
657d |
4eb92a114834
RDMA/restrack: Protect from reentry to resource return path
|
| general protection fault in tcf_action_destroy |
C |
|
done |
15 |
726d |
748d
|
657d |
50dddec689cb
mISDN: enforce CAP_NET_RAW for raw sockets
|
| WARNING: suspicious RCU usage in netem_enqueue |
C |
|
done |
2 |
730d |
735d
|
657d |
195a3ea494d2
net_sched: add max len check for TCA_KIND
|
| KASAN: use-after-free Read in __change_pid |
C |
|
done |
4 |
730d |
737d
|
657d |
4eb92a114834
RDMA/restrack: Protect from reentry to resource return path
|
| possible deadlock in do_io_accounting |
C |
|
done |
4 |
729d |
840d
|
657d |
f1c5aa5eda08
ovl: detect overlapping layers
|
| KASAN: use-after-free Read in pids_release |
C |
|
done |
7 |
730d |
737d
|
657d |
4eb92a114834
RDMA/restrack: Protect from reentry to resource return path
|
| general protection fault in release_task |
C |
|
done |
3 |
731d |
738d
|
658d |
4eb92a114834
RDMA/restrack: Protect from reentry to resource return path
|
| general protection fault in wait_consider_task |
C |
|
done |
5 |
730d |
736d
|
658d |
4eb92a114834
RDMA/restrack: Protect from reentry to resource return path
|
| INFO: rcu detected stall in netlink_sendmsg |
C |
|
done |
3 |
742d |
747d
|
658d |
a9e91767b921
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
|
| KASAN: use-after-free Read in release_task |
C |
|
done |
2 |
733d |
735d
|
659d |
4eb92a114834
RDMA/restrack: Protect from reentry to resource return path
|
| WARNING in handle_desc |
C |
|
done |
1 |
739d |
739d
|
659d |
21874027e1de
KVM: X86: Fix userspace set invalid CR4
|
| BUG: unable to handle kernel NULL pointer dereference in tc_bind_tclass |
C |
|
done |
18 |
733d |
752d
|
659d |
07f7ec87b5f6
net_sched: check cops->tcf_block in tc_bind_tclass()
|
| general protection fault in qdisc_destroy |
C |
|
done |
9 |
738d |
748d
|
659d |
7a1bad565ceb
net_sched: let qdisc_put() accept NULL pointer
|
| INFO: rcu detected stall in addrconf_dad_work |
C |
|
done |
19 |
740d |
752d
|
660d |
a9e91767b921
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
|
| INFO: rcu detected stall in mld_ifc_timer_expire |
C |
|
done |
33 |
740d |
752d
|
660d |
a9e91767b921
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
|
| INFO: rcu detected stall in br_handle_frame |
C |
|
done |
41 |
740d |
753d
|
660d |
a9e91767b921
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
|
| INFO: task hung in __x64_sys_io_destroy |
C |
|
done |
1 |
741d |
741d
|
660d |
ec2a3681b30c
media: tvp5150: fix switch exit in set control handler
|
| WARNING: refcount bug in hci_register_dev |
C |
|
done |
3 |
746d |
758d
|
662d |
e1666bcbae0c
driver core: Fix use-after-free and double free on glue directory
|
| WARNING in kernfs_get |
C |
|
done |
14 |
746d |
886d
|
662d |
e1666bcbae0c
driver core: Fix use-after-free and double free on glue directory
|
| general protection fault in kernfs_add_one |
C |
|
done |
8 |
755d |
894d
|
663d |
e1666bcbae0c
driver core: Fix use-after-free and double free on glue directory
|
| general protection fault in packet_lookup_frame |
C |
|
done |
1 |
776d |
776d
|
664d |
154e6bc497c9
net/packet: fix race in tpacket_snd()
|
| WARNING in tty_set_termios |
C |
|
done |
151 |
786d |
896d
|
664d |
56966212e23f
Bluetooth: hci_uart: check for missing tty operations
|
| general protection fault in tcf_ife_init |
C |
|
done |
15 |
784d |
801d
|
664d |
c4c8899376c2
ife: error out when nla attributes are empty
|
| KASAN: null-ptr-deref Write in kthread_stop |
C |
|
done |
12 |
784d |
889d
|
664d |
467052f6ea5a
media: vivid: Fix wrong locking that causes race conditions on streaming stop
|
| general protection fault in rds_recv_rcvbuf_delta |
C |
|
done |
7 |
792d |
838d
|
665d |
3de749d6d7ce
net/rds: An rds_sock is added too early to the hash table
|
| INFO: task hung in blkdev_issue_flush |
C |
|
done |
2 |
819d |
819d
|
665d |
76cf93f04c3d
hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap'
|
| general protection fault in iptunnel_xmit |
C |
|
done |
2 |
793d |
793d
|
665d |
4736bb277744
ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL
|
| WARNING in kernfs_put |
C |
|
done |
1 |
824d |
824d
|
666d |
e1666bcbae0c
driver core: Fix use-after-free and double free on glue directory
|
| WARNING in notify_change |
C |
|
done |
12 |
829d |
886d
|
667d |
e8e448b08450
Abort file_remove_privs() for non-reg. files
|
| BUG: unable to handle kernel paging request in coalesced_mmio_write |
C |
|
done |
2 |
828d |
828d
|
667d |
232a6462f43f
KVM: coalesced_mmio: add bounds checking
|
| possible deadlock in userfaultfd_release |
C |
|
done |
4 |
829d |
834d
|
667d |
052b31810085
fs/userfaultfd.c: disable irqs for fault_pending and event locks
|
| possible deadlock in acct_pin_kill |
C |
|
done |
125 |
860d |
894d
|
667d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| WARNING in xfrm_state_fini |
C |
|
done |
78 |
877d |
901d
|
668d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| WARNING in __flush_work |
C |
|
done |
135 |
874d |
880d
|
668d |
af48f7d79fae
drm/udl: Replace drm_dev_unref with drm_dev_put
|
| KASAN: use-after-free Read in get_mem_cgroup_from_mm |
C |
|
done |
6 |
882d |
896d
|
668d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| general protection fault in ip6erspan_set_version |
C |
|
done |
7 |
892d |
901d
|
669d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| possible deadlock in pipe_lock |
C |
|
done |
2 |
884d |
887d
|
669d |
f1c5aa5eda08
ovl: detect overlapping layers
|
| general protection fault in sctp_timeout_obj_to_nlattr |
C |
|
done |
7 |
896d |
900d
|
669d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| general protection fault in generic_timeout_obj_to_nlattr |
C |
|
done |
11 |
897d |
901d
|
669d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| general protection fault in gre_timeout_obj_to_nlattr |
C |
|
done |
13 |
896d |
901d
|
669d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| general protection fault in tcp_timeout_obj_to_nlattr |
C |
|
done |
7 |
897d |
899d
|
670d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| general protection fault in icmp_timeout_obj_to_nlattr |
C |
|
done |
3 |
899d |
901d
|
670d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| general protection fault in udp_timeout_obj_to_nlattr |
C |
|
done |
8 |
897d |
901d
|
670d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|
| general protection fault in dccp_timeout_obj_to_nlattr |
C |
|
done |
7 |
897d |
901d
|
670d |
ab69a2304210
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
|