KASAN: slab-use-after-free Read in bpf_trace_run2 (2)
bpf
trace
|
syz |
error |
|
123 |
30d |
47d
|
24/28 |
never |
2e8a12b82c40
tracing: Fix syscall tracepoint use-after-free
|
KASAN: vmalloc-out-of-bounds Write in push_insn_history
bpf
|
|
|
|
118 |
8h25m |
8d22h
|
1/28 |
never |
mm: fix vrealloc()'s KASAN poisoning logic
|
KASAN: vmalloc-out-of-bounds Write in vrealloc_noprof
bpf
|
C |
done |
|
28 |
2h05m |
9d19h
|
1/28 |
never |
mm: fix vrealloc()'s KASAN poisoning logic
|
WARNING in vmap_pages_range_noflush (2)
bpf
net
|
C |
error |
|
250 |
834d |
836d
|
1/28 |
never |
mm/gup.c: Fix return value for __gup_longterm_locked()
|
BUG: using smp_processor_id() in preemptible code in bpf_mem_alloc
bpf
|
C |
done |
|
12 |
19d |
16d
|
25/28 |
never |
4ff04abf9d5b
bpf: Add necessary migrate_disable to range_tree.
|
possible deadlock in lock_timer_base
bpf
trace
|
C |
|
|
133 |
38d |
1431d
|
1/28 |
never |
kfence: fix potential deadlock due to wake_up()
|
WARNING in push_jmp_history
bpf
|
C |
done |
|
5 |
58d |
58d
|
28/28 |
20d |
aa30eb3260b2
bpf: Force checkpoint when jmp history is too long
|
general protection fault in dev_map_enqueue (2)
bpf
net
|
C |
error |
done |
336 |
125d |
191d
|
28/28 |
21d |
09d88791c7cd
bpf: Make sure internal and UAPI bpf_redirect flags don't overlap
|
WARNING in sock_map_close (2)
bpf
net
|
C |
done |
|
3 |
104d |
104d
|
28/28 |
43d |
1461f5a3d810
l2tp: avoid overriding sk->sk_user_data
|
BUG: unable to handle kernel paging request in bpf_prog_ADDR (3)
bpf
net
|
C |
done |
|
6 |
144d |
144d
|
28/28 |
43d |
92de36080c93
bpf: Fail verification for sign-extension of packet data/data_end/data_meta
|
KASAN: slab-use-after-free Read in htab_map_alloc (2)
bpf
|
|
|
|
224 |
208d |
214d
|
27/28 |
83d |
86735b57c905
net/sched: unregister lockdep keys in qdisc_create/qdisc_alloc error path
|
KASAN: stack-out-of-bounds Read in xdp_do_check_flushed
bpf
net
|
C |
done |
|
127 |
124d |
145d
|
27/28 |
103d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
general protection fault in __dev_flush
net
bpf
|
C |
|
|
35 |
125d |
138d
|
27/28 |
103d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
general protection fault in bq_flush_to_queue
bpf
net
|
|
|
|
22 |
125d |
134d
|
27/28 |
103d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
KASAN: slab-use-after-free Read in bq_xmit_all
bpf
net
|
C |
done |
|
29 |
125d |
138d
|
27/28 |
103d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
general protection fault in __xsk_map_flush
bpf
net
|
C |
done |
|
26 |
125d |
141d
|
27/28 |
103d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
general protection fault in __cpu_map_flush
bpf
net
|
C |
inconclusive |
|
25 |
125d |
139d
|
27/28 |
103d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
general protection fault in xdp_do_generic_redirect
net
bpf
|
|
|
|
8 |
148d |
152d
|
27/28 |
112d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
general protection fault in dev_map_redirect
bpf
net
|
C |
|
|
362 |
148d |
156d
|
27/28 |
112d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
stack segment fault in dev_hash_map_redirect
bpf
net
|
C |
done |
|
29 |
148d |
155d
|
27/28 |
112d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
general protection fault in xdp_do_redirect
bpf
net
|
|
|
|
15 |
149d |
155d
|
27/28 |
112d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
stack segment fault in bpf_xdp_redirect
bpf
net
|
C |
|
|
181 |
148d |
156d
|
27/28 |
112d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
stack segment fault in cpu_map_redirect
net
bpf
|
C |
done |
|
11 |
149d |
148d
|
27/28 |
112d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
WARNING in bpf_lwt_seg6_adjust_srh
bpf
net
|
C |
done |
|
30 |
148d |
162d
|
27/28 |
112d |
c13fda93aca1
bpf: Remove tst_run from lwt_seg6local_prog_ops.
|
possible deadlock in console_flush_all (2)
trace
bpf
|
C |
error |
|
52996 |
148d |
423d
|
26/28 |
148d |
ae01e52da244
serial: drop debugging WARN_ON_ONCE() from uart_write()
|
WARNING in skb_ensure_writable
bpf
net
|
C |
done |
|
2893 |
148d |
226d
|
26/28 |
148d |
2bbe3e5a2f4e
bpf: Avoid splat in pskb_pull_reason
|
INFO: task hung in bpf_prog_dev_bound_destroy
bpf
|
|
|
|
94 |
167d |
179d
|
26/28 |
148d |
d864319871b0
net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
|
possible deadlock in __sock_map_delete
bpf
net
|
C |
|
|
14 |
190d |
234d
|
26/28 |
156d |
98e948fb60d4
bpf: Allow delete from sockmap/sockhash only if update is allowed
|
general protection fault in bpf_get_attach_cookie_tracing
bpf
trace
|
C |
error |
|
7 |
182d |
213d
|
26/28 |
169d |
d0d1df8ba18a
bpf: Set run context for rawtp test_run callback
|
KASAN: slab-use-after-free Read in bpf_link_free (2)
bpf
|
syz |
|
|
52 |
179d |
191d
|
26/28 |
169d |
2884dc7d08d9
bpf: Fix a potential use-after-free in bpf_link_free()
|
WARNING in sock_map_close
bpf
net
|
C |
error |
|
182 |
176d |
239d
|
25/28 |
176d |
4b4647add7d3
sock_map: avoid race between sock_map_close and sk_psock_put
|
possible deadlock in sock_hash_delete_elem (2)
bpf
net
|
C |
|
|
1127 |
177d |
260d
|
25/28 |
176d |
98e948fb60d4
bpf: Allow delete from sockmap/sockhash only if update is allowed
|
KMSAN: uninit-value in __bpf_strtoull
bpf
|
C |
|
|
119 |
183d |
260d
|
25/28 |
182d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
KMSAN: uninit-value in trie_delete_elem
bpf
|
C |
|
|
52 |
183d |
253d
|
25/28 |
182d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
KMSAN: uninit-value in dev_map_lookup_elem
bpf
net
|
C |
|
|
3 |
247d |
254d
|
25/28 |
182d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
KMSAN: uninit-value in trie_lookup_elem
bpf
|
C |
|
|
12 |
240d |
258d
|
25/28 |
182d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
possible deadlock in kvfree_call_rcu
bpf
|
C |
|
|
1431 |
183d |
253d
|
25/28 |
182d |
59f2f841179a
bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie.
|
BUG: unable to handle kernel paging request in bpf_prog_ADDR (2)
bpf
|
C |
|
|
3 |
225d |
239d
|
25/28 |
182d |
543576ec15b1
bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE
|
KMSAN: uninit-value in array_map_lookup_elem
bpf
|
C |
|
|
10 |
237d |
257d
|
25/28 |
182d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
KMSAN: uninit-value in sock_map_delete_elem
bpf
net
|
C |
|
|
44 |
183d |
254d
|
25/28 |
182d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
WARNING in __mark_chain_precision (4)
bpf
|
C |
|
|
8 |
227d |
247d
|
25/28 |
182d |
1f2a74b41ea8
bpf: prevent r10 register from being marked as precise
|
KASAN: stack-out-of-bounds Read in hash
bpf
|
C |
done |
|
5 |
235d |
242d
|
25/28 |
195d |
a8d89feba7e5
bpf: Check bloom filter map value size
|
possible deadlock in force_sig_info_to_task
bpf
trace
|
C |
error |
|
6 |
216d |
223d
|
25/28 |
195d |
02b670c1f88e
x86/mm: Remove broken vsyscall emulation code from the page fault code
|
KCSAN: data-race in sk_psock_drop / sk_psock_skb_ingress_enqueue
bpf
net
|
|
|
|
1 |
264d |
257d
|
25/28 |
195d |
6648e613226e
bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue
|
possible deadlock in tty_port_tty_get (2)
bpf
net
|
|
|
|
3 |
239d |
257d
|
25/28 |
195d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in put_pwq_unlocked
trace
bpf
|
|
|
|
3 |
233d |
232d
|
25/28 |
195d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
WARNING in sock_map_delete_elem
bpf
net
|
C |
|
|
17183 |
222d |
261d
|
25/28 |
195d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in scheduler_tick (3)
bpf
net
|
C |
|
|
1179 |
222d |
259d
|
25/28 |
195d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in pit_timer_fn
bpf
net
|
|
|
|
7 |
233d |
244d
|
25/28 |
195d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in rcu_exp_handler
bpf
net
|
C |
|
|
1 |
236d |
232d
|
25/28 |
195d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in rcu_report_exp_cpu_mult
net
bpf
|
C |
done |
|
30 |
223d |
261d
|
25/28 |
195d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in try_to_wake_up (4)
bpf
net
|
C |
error |
|
19 |
198d |
261d
|
25/28 |
195d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in ahci_single_level_irq_intr
bpf
net
|
C |
|
|
10 |
244d |
252d
|
25/28 |
195d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
WARNING in sock_map_unref
bpf
net
|
C |
error |
|
97 |
223d |
236d
|
25/28 |
195d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in __lock_task_sighand (2)
bpf
net
|
C |
|
|
1476 |
197d |
261d
|
25/28 |
195d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
WARNING in sock_hash_delete_elem
bpf
net
|
C |
done |
|
16982 |
222d |
261d
|
25/28 |
195d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in hrtimer_run_queues
net
bpf
|
C |
error |
|
592 |
222d |
259d
|
25/28 |
195d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in swake_up_one
bpf
net
|
C |
|
|
4 |
234d |
233d
|
25/28 |
195d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in pwq_dec_nr_in_flight
trace
bpf
|
|
|
|
1 |
238d |
234d
|
25/28 |
195d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
WARNING in _prb_commit
net
bpf
|
|
|
|
4 |
233d |
229d
|
25/28 |
195d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in posix_timer_fn (2)
net
bpf
|
|
|
|
1 |
237d |
233d
|
25/28 |
195d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in drm_handle_vblank
bpf
net
|
|
|
|
30 |
233d |
259d
|
25/28 |
195d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
KASAN: slab-out-of-bounds Read in xsk_setsockopt
bpf
net
|
C |
|
|
17 |
235d |
244d
|
25/28 |
195d |
237f3cf13b20
xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING
|
UBSAN: array-index-out-of-bounds in check_stack_range_initialized
bpf
|
C |
error |
|
21 |
227d |
260d
|
25/28 |
195d |
ecc6a2101840
bpf: Protect against int overflow for stack access size
|
general protection fault in dev_map_enqueue
bpf
net
|
C |
|
|
676 |
196d |
253d
|
25/28 |
195d |
5bcf0dcbf906
xdp: use flags field to disambiguate broadcast redirect
|
KASAN: slab-use-after-free Read in bpf_link_free
bpf
|
syz |
|
|
181 |
196d |
244d
|
25/28 |
195d |
1a80dbcb2dba
bpf: support deferring bpf_link dealloc to after RCU grace period
|
KASAN: slab-use-after-free Read in bpf_trace_run4
bpf
trace
|
C |
error |
|
169 |
240d |
258d
|
25/28 |
195d |
1a80dbcb2dba
bpf: support deferring bpf_link dealloc to after RCU grace period
|
KASAN: slab-use-after-free Read in bpf_trace_run2
bpf
trace
|
C |
error |
|
653 |
240d |
258d
|
25/28 |
195d |
1a80dbcb2dba
bpf: support deferring bpf_link dealloc to after RCU grace period
|
KASAN: slab-use-after-free Read in bpf_trace_run1
bpf
trace
|
C |
error |
|
78 |
240d |
254d
|
25/28 |
195d |
1a80dbcb2dba
bpf: support deferring bpf_link dealloc to after RCU grace period
|
linux-next boot error: WARNING in register_btf_kfunc_id_set
bpf
|
|
|
|
9 |
306d |
307d
|
25/28 |
238d |
a05e90427ef6
bpf: btf: Add BTF_KFUNCS_START/END macro pair
|
general protection fault in bpf_struct_ops_find_value
bpf
|
C |
done |
|
9 |
311d |
314d
|
25/28 |
238d |
e6be8cd5d3cf
bpf: Fix error checks against bpf_get_btf_vmlinux().
|
BUG: unable to handle kernel NULL pointer dereference in dev_map_hash_update_elem
bpf
net
|
C |
|
|
2 |
282d |
289d
|
25/28 |
238d |
281d464a34f5
bpf: Fix DEVMAP_HASH overflow check on 32-bit arches
|
general protection fault in btf_is_module
bpf
|
C |
error |
|
318 |
310d |
314d
|
25/28 |
238d |
e6be8cd5d3cf
bpf: Fix error checks against bpf_get_btf_vmlinux().
|
BUG: unable to handle kernel NULL pointer dereference in unix_stream_sendmsg
bpf
net
|
C |
|
|
1 |
281d |
281d
|
25/28 |
246d |
4cd12c6065df
bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready()
|
BUG: unable to handle kernel NULL pointer dereference in sk_psock_verdict_data_ready
net
bpf
|
C |
unreliable |
|
15 |
277d |
396d
|
25/28 |
246d |
4cd12c6065df
bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready()
|
WARNING in __mark_chain_precision (3)
bpf
|
C |
done |
|
19 |
338d |
360d
|
25/28 |
308d |
482d548d40b0
bpf: handle fake register spill to stack with BPF_ST_MEM instruction
|
KASAN: slab-use-after-free Read in nla_find
bpf
net
|
C |
done |
|
4 |
353d |
352d
|
25/28 |
309d |
2130c519a401
bpf: Use nla_ok() instead of checking nla_len directly
|
WARNING: locking bug in corrupted (2)
bpf
reiserfs
|
C |
done |
done |
1 |
359d |
512d
|
25/28 |
309d |
6f861765464f
fs: Block writes to mounted block devices
|
WARNING in __sk_msg_free
bpf
net
|
C |
done |
|
4 |
335d |
334d
|
25/28 |
309d |
dc9dfc8dc629
net: tls, fix WARNIING in __sk_msg_free
|
kernel BUG in prog_array_map_poke_run
bpf
|
C |
done |
done |
35 |
352d |
393d
|
25/28 |
316d |
4b7de801606e
bpf: Fix prog_array_map_poke_run map poke update
|
KASAN: null-ptr-deref Write in unix_stream_bpf_update_proto
bpf
net
|
C |
done |
|
54 |
340d |
370d
|
25/28 |
319d |
8d6650646ce4
bpf: syzkaller found null ptr deref in unix_bpf proto add
|
WARNING in bpf_mprog_pos_after
bpf
|
|
|
|
3 |
435d |
443d
|
25/28 |
349d |
f9b0e1088bbf
bpf, mprog: Fix maximum program check on mprog attachment
|
WARNING: zero-size vmalloc in xskq_create
bpf
net
|
|
|
|
20 |
418d |
426d
|
25/28 |
349d |
a12bbb3cccf0
xdp: Fix zero-size allocation warning in xskq_create()
|
WARNING: zero-size vmalloc in print_tainted
bpf
net
|
C |
|
|
79 |
542d |
576d
|
25/28 |
349d |
a12bbb3cccf0
xdp: Fix zero-size allocation warning in xskq_create()
|
WARNING in bpf_mprog_attach
bpf
|
C |
|
|
3 |
427d |
435d
|
25/28 |
349d |
f9b0e1088bbf
bpf, mprog: Fix maximum program check on mprog attachment
|
WARNING in bpf_mprog_pos_before
bpf
|
C |
done |
|
26 |
427d |
435d
|
25/28 |
349d |
f9b0e1088bbf
bpf, mprog: Fix maximum program check on mprog attachment
|
general protection fault in bpf_prog_offload_verifier_prep
bpf
|
C |
done |
|
31 |
439d |
458d
|
25/28 |
349d |
1a49f4195d34
bpf: Avoid dummy bpf_offload_netdev in __bpf_prog_dev_bound_init
|
WARNING: refcount bug in xp_put_pool
bpf
net
|
C |
done |
|
2 |
494d |
492d
|
23/28 |
419d |
85c2c79a0730
xsk: fix refcount underflow in error path
|
KASAN: slab-use-after-free Read in xsk_diag_dump
net
bpf
|
C |
done |
|
9 |
454d |
463d
|
23/28 |
419d |
3e019d8a05a3
xsk: Fix xsk_diag use-after-free error during socket cleanup
|
UBSAN: array-index-out-of-bounds in bpf_mprog_detach
bpf
|
|
|
|
3 |
488d |
493d
|
23/28 |
419d |
d210f9735e13
bpf: Fix mprog detachment for empty mprog entry
|
KCSAN: data-race in bpf_percpu_array_update / bpf_percpu_array_update (2)
bpf
|
|
|
|
1 |
463d |
463d
|
23/28 |
419d |
6a86b5b5cd76
bpf: Annotate bpf_long_memcpy with data_race
|
WARNING in tcx_uninstall
bpf
net
|
C |
done |
|
7 |
493d |
497d
|
23/28 |
419d |
079082c60aff
tcx: Fix splat during dev unregister
|
WARNING in bpf_xdp_adjust_tail (4)
bpf
|
C |
error |
|
466 |
484d |
695d
|
23/28 |
419d |
d14eea09edf4
net: core: remove unnecessary frame_sz check in bpf_xdp_adjust_tail()
|
KMSAN: uninit-value in ieee802154_subif_start_xmit
bpf
|
C |
done |
|
119 |
489d |
485d
|
23/28 |
419d |
db2baf82b098
bpf: Fix an incorrect verification success with movsx insn
|
WARNING: ODEBUG bug in tcx_uninstall
net
bpf
|
C |
done |
|
38 |
498d |
503d
|
23/28 |
419d |
dc644b540a2d
tcx: Fix splat in ingress_destroy upon tcx_entry_free
|
INFO: rcu detected stall in ext4_file_write_iter (7)
mm
bpf
ext4
|
|
|
|
3 |
461d |
503d
|
23/28 |
419d |
8c21ab1bae94
net/sched: fq_pie: avoid stalls in fq_pie_timer()
|
UBSAN: array-index-out-of-bounds in print_bpf_insn
bpf
|
C |
done |
|
9 |
490d |
492d
|
23/28 |
419d |
e99688eba2e9
bpf: Fix an array-index-out-of-bounds issue in disasm.c
|
KCSAN: data-race in __bpf_lru_list_rotate / __htab_lru_percpu_map_update_elem (5)
bpf
|
|
|
|
13 |
527d |
589d
|
23/28 |
433d |
ee9fd0ac3017
bpf: Address KCSAN report on bpf_lru_list
|
WARNING in btf_type_id_size (2)
bpf
|
C |
error |
|
8 |
528d |
560d
|
23/28 |
433d |
e6c2f594ed96
bpf: Silence a warning in btf_type_id_size()
|
WARNING: bad unlock balance in bpf
bpf
|
C |
done |
|
12 |
558d |
558d
|
23/28 |
433d |
4266f41feaee
bpf: Fix bad unlock balance on freeze_mutex
|
WARNING in bpf_verifier_vlog
bpf
|
C |
inconclusive |
|
6 |
580d |
817d
|
23/28 |
433d |
cff36398bd4c
bpf: drop unnecessary user-triggerable WARN_ONCE in verifierl log
|
BUG: unable to handle kernel NULL pointer dereference in __build_skb_around
net
bpf
|
C |
done |
|
29 |
625d |
630d
|
22/28 |
545d |
e5995bc7e2ba
bpf, test_run: fix crashes due to XDP frame overwriting/corruption
|
KASAN: slab-out-of-bounds Write in copy_array (2)
bpf
|
|
|
|
108 |
545d |
573d
|
22/28 |
545d |
45435d8da71f
bpf: Always use maximal size for copy_array()
|
riscv/fixes boot error: WARNING in __apply_to_page_range (2)
bpf
|
|
|
|
5 |
652d |
714d
|
22/28 |
545d |
96f9d4daf745
riscv: Rework kasan population functions
|
general protection fault in bpf_struct_ops_link_create
bpf
net
|
C |
done |
|
17 |
619d |
621d
|
22/28 |
545d |
55fbae05476d
bpf: Check IS_ERR for the bpf_map_get() return value
|
WARNING in sock_map_del_link
bpf
net
|
|
|
|
91 |
600d |
601d
|
22/28 |
545d |
8c5c2a4898e3
bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap
|
KASAN: slab-out-of-bounds Write in copy_verifier_state
bpf
|
C |
error |
done |
825 |
698d |
716d
|
22/28 |
545d |
45435d8da71f
bpf: Always use maximal size for copy_array()
|
BUG: stack guard page was hit in inet6_release
bpf
net
|
C |
done |
|
4 |
680d |
729d
|
22/28 |
545d |
ddce1e091757
bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener
|
possible deadlock in bpf_trace_printk
bpf
trace
|
C |
done |
done |
68 |
653d |
909d
|
22/28 |
622d |
05b24ff9b2cf
bpf: Prevent bpf program recursion for raw tracepoint probes
|
KASAN: vmalloc-out-of-bounds Read in bpf_jit_free
bpf
|
C |
|
|
68 |
848d |
1024d
|
22/28 |
649d |
1d5f82d9dd47
bpf, x86: fix freeing of not-finalized bpf_prog_pack
d24d2a2b0a81
bpf: bpf_prog_pack: Set proper size before freeing ro_header
|
WARNING: kmalloc bug in xdp_umem_create (2)
bpf
net
|
C |
done |
|
21 |
1028d |
1094d
|
22/28 |
649d |
0708a0afe291
mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls
|
BUG: sleeping function called from invalid context in sk_psock_skb_ingress_self
net
bpf
|
C |
done |
|
151 |
759d |
781d
|
22/28 |
649d |
2d1f274b95c6
skmsg: pass gfp argument to alloc_sk_msg()
|
WARNING in bpf_skb_load_helper_16_no_cache
bpf
|
C |
done |
|
6 |
856d |
885d
|
22/28 |
649d |
0326195f523a
bpf: Make sure mac_header was set before using it
|
KASAN: vmalloc-out-of-bounds Write in ringbuf_map_alloc
bpf
|
C |
done |
|
541 |
1034d |
1037d
|
22/28 |
649d |
b293dcc473d2
bpf: Use VM_MAP instead of VM_ALLOC for ringbuf
|
bpf-next boot error: WARNING in bpf_prog_pack_free
bpf
|
|
|
|
12 |
988d |
989d
|
22/28 |
649d |
96805674e562
bpf: Fix bpf_prog_pack for multi-node setup
|
KASAN: slab-out-of-bounds Write in bpf_prog_test_run_xdp
bpf
net
|
C |
done |
|
18 |
1024d |
1042d
|
22/28 |
649d |
a6763080856f
bpf: test_run: Fix OOB access in bpf_prog_test_run_xdp
|
general protection fault in do_check_common
bpf
|
C |
done |
|
5 |
881d |
885d
|
22/28 |
649d |
d1a6edecc1fd
bpf: Check attach_func_proto more carefully in check_return_code
|
WARNING in bpf_test_finish
net
bpf
|
C |
done |
|
3 |
1010d |
1010d
|
22/28 |
649d |
530e214c5b5a
bpf, test_run: Fix overflow in XDP frags bpf_test_finish
|
KMSAN: uninit-value in ___bpf_prog_run (3)
bpf
|
C |
|
|
5 |
963d |
965d
|
22/28 |
649d |
99c07327ae11
netlink: reset network and mac headers in netlink_dump()
|
general protection fault in check_helper_call
bpf
|
C |
done |
|
4 |
868d |
873d
|
22/28 |
649d |
d1a6edecc1fd
bpf: Check attach_func_proto more carefully in check_return_code
|
general protection fault in btf_decl_tag_resolve
bpf
|
C |
done |
|
6 |
1035d |
1035d
|
22/28 |
649d |
d7e7b42f4f95
bpf: Fix a btf decl_tag bug when tagging a function
|
BUG: missing reserved tailroom
bpf
net
|
C |
done |
|
2 |
1000d |
1000d
|
22/28 |
649d |
b6f1f780b393
bpf, test_run: Fix packet size check for live packet mode
|
KASAN: slab-out-of-bounds Write in __build_skb_around
bpf
net
|
C |
error |
|
2536 |
722d |
737d
|
22/28 |
649d |
ce098da1497c
skbuff: Introduce slab_build_skb()
|
WARNING in btf_type_id_size
bpf
|
C |
done |
|
10 |
709d |
780d
|
22/28 |
649d |
ea68376c8bed
bpf: prevent decl_tag from being referenced in func_proto
|
WARNING: ODEBUG bug in htab_map_alloc
bpf
|
C |
|
|
6456 |
792d |
816d
|
22/28 |
649d |
cf7de6a53600
bpf: add missing percpu_counter_destroy() in htab_map_alloc()
|
WARNING: kmalloc bug in bpf
bpf
|
C |
done |
done |
562 |
987d |
1104d
|
22/28 |
649d |
0708a0afe291
mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls
|
WARNING in bpf_skb_load_helper_32
bpf
|
C |
done |
|
9 |
850d |
881d
|
22/28 |
649d |
0326195f523a
bpf: Make sure mac_header was set before using it
|
WARNING in bpf_bprintf_prepare (2)
bpf
|
C |
|
|
2 |
783d |
822d
|
22/28 |
649d |
05b24ff9b2cf
bpf: Prevent bpf program recursion for raw tracepoint probes
|
WARNING in check_map_prog_compatibility
bpf
|
C |
inconclusive |
done |
128 |
801d |
964d
|
22/28 |
649d |
34dd3bad1a6f
bpf: Relax the requirement to use preallocated hash maps in tracing progs.
|
bpf-next boot error: KASAN: global-out-of-bounds Read in task_iter_init
bpf
|
|
|
|
42 |
1118d |
1121d
|
20/28 |
1002d |
9e2ad638ae36
bpf: Extend BTF_ID_LIST_GLOBAL with parameter for number of IDs
|
general protection fault in bpf_skb_cgroup_id
bpf
net
|
C |
inconclusive |
|
107 |
1158d |
1174d
|
20/28 |
1002d |
435b08ec0094
bpf, test, cgroup: Use sk_{alloc,free} for test cases
|
general protection fault in bpf_skb_ancestor_cgroup_id
bpf
net
|
C |
unreliable |
|
232 |
1157d |
1174d
|
20/28 |
1002d |
435b08ec0094
bpf, test, cgroup: Use sk_{alloc,free} for test cases
|
general protection fault in dev_get_by_index_rcu (2)
bpf
net
|
C |
error |
|
18 |
1062d |
1062d
|
20/28 |
1002d |
382778edc826
xdp: check prog type before updating BPF link
|
WARNING: kmalloc bug in bpf_check
bpf
|
C |
done |
|
34 |
1175d |
1187d
|
20/28 |
1002d |
0e6491b55970
bpf: Add oversize check before call kvcalloc()
|
KASAN: vmalloc-out-of-bounds Read in bpf_prog_put
bpf
|
C |
done |
|
2 |
1082d |
1080d
|
20/28 |
1002d |
218d747a4142
bpf, sockmap: Fix double bpf_prog_put on error case in map_link
|
WARNING in bpf_bprintf_prepare
bpf
|
C |
unreliable |
|
96 |
1266d |
1304d
|
20/28 |
1120d |
e2d5b2bb769f
bpf: Fix nested bpf_bprintf_prepare with more per-cpu buffers
|
UBSAN: shift-out-of-bounds in ___bpf_prog_run
bpf
|
C |
unreliable |
|
38 |
1254d |
1365d
|
20/28 |
1120d |
28131e9d9333
bpf: Fix up register-based shifts in interpreter to silence KUBSAN
|
KASAN: use-after-free Write in sk_psock_stop
bpf
net
|
syz |
done |
|
74 |
1319d |
1338d
|
20/28 |
1120d |
aadb2bb83ff7
sock_map: Fix a potential use-after-free in sock_map_close()
|
memory leak in bpf (2)
bpf
|
C |
|
|
3 |
1275d |
1343d
|
20/28 |
1120d |
ccff81e1d028
bpf: Fix false positive kmemleak report in bpf_ringbuf_area_alloc()
|
general protection fault in btf_type_id_size
bpf
|
C |
unreliable |
|
6 |
1371d |
1368d
|
20/28 |
1120d |
350a5c4dd245
bpf: Dont allow vmlinux BTF to be used in map_create and prog_load.
|
WARNING: suspicious RCU usage in tcp_bpf_update_proto
bpf
net
|
C |
done |
|
539 |
1318d |
1338d
|
20/28 |
1120d |
51e0158a5432
skmsg: Pass psock pointer to ->psock_update_sk_prot()
|
WARNING: suspicious RCU usage in bpf_get_current_cgroup_id
bpf
|
C |
done |
|
764 |
1191d |
1229d
|
20/28 |
1120d |
2d3a1e3615c5
bpf: Add rcu_read_lock in bpf_get_current_[ancestor_]cgroup_id() helpers
|
WARNING in tracepoint_add_func
bpf
trace
|
C |
done |
|
20635 |
1236d |
1620d
|
20/28 |
1120d |
9913d5745bd7
tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing
|
KASAN: vmalloc-out-of-bounds Read in bpf_trace_run2
trace
bpf
|
C |
done |
done |
5 |
1377d |
1535d
|
20/28 |
1331d |
befe6d946551
tracepoint: Do not fail unregistering a probe due to memory failure
|
BUG: unable to handle kernel paging request in bpf_trace_run2
bpf
trace
|
C |
done |
done |
10 |
1374d |
1535d
|
20/28 |
1331d |
befe6d946551
tracepoint: Do not fail unregistering a probe due to memory failure
|
KMSAN: uninit-value in bpf_iter_prog_supported
bpf
|
|
|
|
4479 |
1335d |
1396d
|
20/28 |
1335d |
17d8beda277a
bpf: Fix an unitialized value in bpf_iter
|
KCSAN: data-race in bpf_lru_pop_free / bpf_lru_push_free
bpf
|
|
|
|
237 |
1383d |
1570d
|
20/28 |
1335d |
6df8fb83301d
bpf_lru_list: Read double-checked variable once without lock
|
KCSAN: data-race in __bpf_lru_list_rotate / bpf_lru_push_free (2)
bpf
|
|
|
|
32 |
1389d |
1458d
|
20/28 |
1335d |
6df8fb83301d
bpf_lru_list: Read double-checked variable once without lock
|
KASAN: vmalloc-out-of-bounds Read in bpf_trace_run3
bpf
trace
|
C |
done |
|
6 |
1391d |
1493d
|
20/28 |
1335d |
befe6d946551
tracepoint: Do not fail unregistering a probe due to memory failure
|
BUG: unable to handle kernel paging request in bpf_trace_run3
bpf
trace
|
C |
done |
|
40 |
1382d |
1504d
|
20/28 |
1335d |
befe6d946551
tracepoint: Do not fail unregistering a probe due to memory failure
|
memory leak in xskq_create
bpf
net
|
C |
|
|
7 |
1431d |
1452d
|
19/28 |
1365d |
8bee68338408
xsk: Fix memory leak for failed bind
|
BUG: unable to handle kernel paging request in htab_map_alloc (2)
bpf
|
C |
unreliable |
|
8 |
1452d |
1461d
|
19/28 |
1365d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
BUG: unable to handle kernel paging request in bpf_lru_populate
bpf
|
C |
done |
|
12 |
1452d |
1458d
|
19/28 |
1365d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
general protection fault in xsk_recvmsg
bpf
net
|
C |
done |
unreliable |
1800 |
1450d |
1420d
|
19/28 |
1365d |
3546b9b8eced
xsk: Validate socket state in xsk_recvmsg, prior touching socket members
|
KASAN: vmalloc-out-of-bounds Write in pcpu_freelist_populate
bpf
|
|
|
|
6 |
1454d |
1458d
|
19/28 |
1365d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
KASAN: use-after-free Read in htab_map_alloc
bpf
|
C |
done |
|
38 |
1493d |
1495d
|
19/28 |
1365d |
8aaeed81fcb9
bpf: Fix error path in htab_map_alloc()
|
BUG: unable to handle kernel paging request in htab_free_elems
bpf
|
|
|
|
1 |
1459d |
1459d
|
19/28 |
1365d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
KASAN: vmalloc-out-of-bounds Write in htab_map_alloc
bpf
|
|
|
|
6 |
1452d |
1461d
|
19/28 |
1365d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
BUG: unable to handle kernel paging request in pcpu_freelist_populate
bpf
|
C |
unreliable |
|
42 |
1450d |
1461d
|
19/28 |
1365d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
KASAN: vmalloc-out-of-bounds Read in htab_free_elems
bpf
|
C |
unreliable |
|
7 |
1458d |
1459d
|
19/28 |
1365d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
KASAN: vmalloc-out-of-bounds Write in bpf_lru_populate
bpf
|
C |
unreliable |
|
19 |
1451d |
1462d
|
19/28 |
1365d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
general protection fault in xsk_release
bpf
net
|
C |
done |
|
2 |
1531d |
1531d
|
15/28 |
1479d |
1fd17c8cd0aa
xsk: Fix possible crash in socket_release when out-of-memory
|
KASAN: use-after-free Write in xp_put_pool
bpf
net
|
C |
done |
|
50 |
1532d |
1554d
|
15/28 |
1479d |
83cf5c68d663
xsk: Fix use-after-free in failed shared_umem bind
|
general protection fault in xsk_is_setup_for_bpf_map
bpf
net
|
C |
error |
|
294 |
1531d |
1554d
|
15/28 |
1479d |
968be23ceaca
xsk: Fix possible segfault at xskmap entry insertion
|
WARNING in bpf_raw_tp_link_fill_link_info
bpf
|
C |
error |
|
56 |
1532d |
1546d
|
15/28 |
1479d |
b474959d5afd
bpf: Fix a buffer out-of-bound access when filling raw_tp link_info
|
memory leak in xdp_umem_create
net
bpf
|
C |
|
|
17 |
1483d |
1503d
|
15/28 |
1479d |
e5e1a4bc916d
xsk: Fix possible memory leak at socket close
|
general protection fault in xsk_diag_dump (2)
bpf
net
|
C |
|
|
354 |
1536d |
1554d
|
15/28 |
1479d |
53ea2076d851
xsk: Fix possible segfault in xsk umem diagnostics
|
general protection fault in __btf_resolve_helper_id
bpf
|
C |
|
|
17 |
1604d |
1613d
|
15/28 |
1539d |
5b801dfb7feb
bpf: Fix NULL pointer dereference in __btf_resolve_helper_id()
|
KASAN: use-after-free Write in bpf_link_put
bpf
|
|
|
|
2 |
1677d |
1679d
|
15/28 |
1601d |
138c67677ff5
bpf: Fix use-after-free of bpf_link when priming half-fails
|
general protection fault in sock_hash_free
net
bpf
|
|
|
|
1 |
1645d |
1645d
|
15/28 |
1601d |
75e68e5bf2c7
bpf, sockhash: Synchronize delete from bucket list on map free
|
BUG: unable to handle kernel NULL pointer dereference in smp_call_function_many_cond (2)
bpf
|
|
|
|
1 |
1624d |
1624d
|
15/28 |
1601d |
3021e69219e2
kcov: check kcov_softirq in kcov_remote_stop()
|
KMSAN: uninit-value in bpf_skb_load_helper_32_no_cache
net
bpf
|
|
|
|
2 |
1764d |
1762d
|
15/28 |
1694d |
457fed775c97
net/smc: fix leak of kernel memory to user space
|
possible deadlock in htab_lru_map_delete_node
bpf
|
C |
done |
|
264 |
1747d |
1752d
|
15/28 |
1694d |
b9aff38de2cb
bpf: Fix a potential deadlock with bpf_map_do_batch
|
possible deadlock in bpf_lru_push_free
bpf
|
C |
done |
|
609 |
1747d |
1753d
|
15/28 |
1694d |
b9aff38de2cb
bpf: Fix a potential deadlock with bpf_map_do_batch
|
BUG: sleeping function called from invalid context in lock_sock_nested
bpf
net
|
C |
|
|
1232 |
1751d |
1826d
|
15/28 |
1751d |
37f96694cf73
crypto: af_alg - Use bh_lock_sock in sk_destruct
|
WARNING in sk_psock_drop
bpf
net
|
|
|
|
157 |
1774d |
1783d
|
15/28 |
1751d |
58c8db929db1
net, sk_msg: Don't check if sock is locked when tearing down psock
|
general protection fault in free_verifier_state (3)
bpf
|
C |
|
|
5 |
1779d |
1785d
|
15/28 |
1751d |
f59bbfc2f609
bpf: Fix error path under memory pressure
|
KASAN: vmalloc-out-of-bounds Write in pcpu_alloc
bpf
|
C |
done |
|
31 |
1803d |
1827d
|
15/28 |
1755d |
253a496d8e57
kasan: don't assume percpu shadow allocations will succeed
|
BUG: unable to handle kernel paging request in pcpu_alloc
bpf
|
C |
done |
|
24 |
1808d |
1827d
|
15/28 |
1755d |
253a496d8e57
kasan: don't assume percpu shadow allocations will succeed
|
KASAN: slab-out-of-bounds Read in bpf_prog_create
bpf
net
|
C |
done |
|
447 |
1823d |
1905d
|
15/28 |
1792d |
0033b34a03ec
ppp: fix out-of-bounds access in bpf_prog_create()
|
KASAN: use-after-free Read in bpf_prog_kallsyms_find (2)
bpf
|
C |
done |
|
9 |
1868d |
1878d
|
13/28 |
1838d |
cd7455f1013e
bpf: Fix use after free in subprog's jited symbol removal
|
KASAN: use-after-free Read in is_bpf_text_address
bpf
|
C |
done |
|
3 |
1869d |
1870d
|
13/28 |
1838d |
cd7455f1013e
bpf: Fix use after free in subprog's jited symbol removal
|
BUG: unable to handle kernel paging request in is_bpf_text_address
bpf
|
C |
done |
|
2 |
1874d |
1874d
|
13/28 |
1838d |
cd7455f1013e
bpf: Fix use after free in subprog's jited symbol removal
|
BUG: unable to handle kernel NULL pointer dereference in xsk_poll
bpf
net
|
C |
done |
|
10 |
1874d |
1892d
|
13/28 |
1857d |
df551058f7a3
xsk: Fix crash in poll when device does not support ndo_xsk_wakeup
|
general protection fault in bpf_tcp_close (2)
bpf
|
C |
|
done |
26 |
2294d |
2338d
|
13/28 |
1871d |
e06fa9c16ce4
bpf, sockmap: fix potential use after free in bpf_tcp_close
|
general protection fault in xsk_poll
bpf
net
|
C |
done |
|
430 |
1906d |
1933d
|
13/28 |
1876d |
42fddcc7c64b
xsk: use state member for socket synchronization
|
general protection fault in xsk_map_update_elem
bpf
|
C |
done |
|
12 |
1896d |
1899d
|
13/28 |
1876d |
fcd30ae0665c
bpf/xskmap: Return ERR_PTR for failure case instead of NULL.
|
general protection fault in dev_map_hash_update_elem
bpf
net
|
C |
done |
|
4 |
1910d |
1917d
|
13/28 |
1876d |
af58e7ee6a8d
xdp: Fix race in dev_map_hash_update_elem() when replacing element
|
WARNING in __mark_chain_precision (2)
bpf
|
C |
done |
|
18 |
1906d |
1924d
|
13/28 |
1883d |
2339cd6cd0b5
bpf: fix precision tracking of stack slots
|
WARNING: suspicious RCU usage (4)
bpf
trace
|
C |
|
done |
1 |
2285d |
2284d
|
13/28 |
1888d |
865e63b04e9b
tracing: Add back in rcu_irq_enter/exit_irqson() for rcuidle tracepoints
|
WARNING: suspicious RCU usage in trace_call_bpf
bpf
trace
|
C |
|
done |
327 |
2267d |
2284d
|
13/28 |
1888d |
865e63b04e9b
tracing: Add back in rcu_irq_enter/exit_irqson() for rcuidle tracepoints
|
KASAN: use-after-free Read in psock_map_pop
bpf
|
C |
|
done |
204 |
2234d |
2277d
|
13/28 |
1888d |
5607fff30363
bpf: sockmap only allow ESTABLISHED sock state
|
KASAN: slab-out-of-bounds Read in sock_hash_ctx_update_elem
bpf
|
C |
|
done |
5 |
2319d |
2319d
|
13/28 |
1888d |
b845c898b2f1
bpf, sockmap: fix sock_hash_alloc and reject zero-sized keys
|
general protection fault in smap_list_hash_remove
bpf
|
C |
|
done |
52 |
2326d |
2345d
|
13/28 |
1888d |
99ba2b5aba24
bpf: sockhash, disallow bpf_tcp_close and update in parallel
|
WARNING in bpf_jit_free
bpf
|
C |
done |
|
21697 |
1916d |
2333d
|
12/28 |
1916d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
WARNING in bpf_prog_kallsyms_add
bpf
|
syz |
done |
done |
2 |
1958d |
2161d
|
12/28 |
1916d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
BUG: unable to handle kernel paging request in bpf_prog_kallsyms_find
bpf
|
syz |
done |
inconclusive |
3 |
2133d |
2208d
|
12/28 |
1916d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
BUG: unable to handle kernel paging request in bpf_prog_kallsyms_add
bpf
|
syz |
error |
|
234 |
1917d |
2277d
|
12/28 |
1916d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
KASAN: use-after-free Read in bpf_prog_kallsyms_del
bpf
|
syz |
done |
inconclusive |
3 |
2164d |
2242d
|
12/28 |
1916d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
KASAN: use-after-free Read in bpf_get_prog_name
bpf
|
|
|
|
1 |
1959d |
1958d
|
12/28 |
1916d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
WARNING in bpf_prog_kallsyms_find
bpf
|
C |
error |
|
5632 |
1916d |
2037d
|
12/28 |
1916d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
WARNING in is_bpf_text_address
bpf
|
C |
done |
|
104 |
1926d |
1993d
|
12/28 |
1916d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
KASAN: use-after-free Read in bpf_prog_kallsyms_add
bpf
|
syz |
error |
inconclusive |
120 |
2043d |
2277d
|
12/28 |
1916d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
BUG: unable to handle kernel paging request in __do_softirq
bpf
|
syz |
done |
done |
1 |
1995d |
1995d
|
12/28 |
1926d |
95fa145479fb
bpf: sockmap/tls, close can race with map free
|
BUG: unable to handle kernel paging request in tls_prots
net
bpf
|
syz |
done |
|
1 |
1988d |
1988d
|
12/28 |
1926d |
95fa145479fb
bpf: sockmap/tls, close can race with map free
|
possible deadlock in xsk_notifier
bpf
net
|
C |
done |
|
495 |
1965d |
1976d
|
12/28 |
1939d |
5464c3a0e9a0
xdp: fix potential deadlock on socket mutex
|
general protection fault in btf_array_resolve
bpf
|
C |
error |
|
109 |
1972d |
1995d
|
12/28 |
1948d |
e4f07120210a
bpf: fix NULL deref in btf_type_is_resolve_source_only
|
general protection fault in btf_struct_resolve
bpf
|
C |
error |
|
49 |
1972d |
1995d
|
12/28 |
1948d |
e4f07120210a
bpf: fix NULL deref in btf_type_is_resolve_source_only
|
KASAN: use-after-free Read in __dev_map_entry_free
bpf
net
|
C |
|
|
473 |
2078d |
2359d
|
12/28 |
1996d |
2baae3545327
bpf: devmap: fix use-after-free Read in __dev_map_entry_free
|
general protection fault in xsk_diag_dump
bpf
net
|
C |
|
|
5 |
2096d |
2101d
|
11/28 |
2078d |
915905f8b1d4
xsk: fix potential crash in xsk_diag_put_umem()
|
KASAN: use-after-free Read in bpf_cgroup_storage_release
bpf
|
C |
|
|
2 |
2316d |
2316d
|
11/28 |
2117d |
82c018d734a7
Merge branch 'bpf-cgroup-local-storage'
|
WARNING in __debug_object_init (3)
bpf
net
|
C |
|
|
1557 |
2228d |
2229d
|
11/28 |
2144d |
2cb494a36c98
bpf: add tests for direct packet access from CGROUP_SKB
|
KASAN: slab-out-of-bounds Write in queue_stack_map_push_elem
bpf
|
C |
|
|
30 |
2199d |
2201d
|
11/28 |
2189d |
813961de3ee6
bpf: fix integer overflow in queue_stack_map
|
WARNING in bpf_check (2)
bpf
|
C |
|
|
9 |
2212d |
2211d
|
11/28 |
2189d |
afd594240806
bpf: fix off-by-one error in adjust_subprog_starts
|
KASAN: slab-out-of-bounds Read in refcount_inc_not_zero_checked
bpf
net
|
|
|
|
2 |
2239d |
2240d
|
11/28 |
2214d |
5032d079909d
bpf: skmsg, fix psock create on existing kcm/tls port
|
BUG: sleeping function called from invalid context at net/core/dev.c:LINE
bpf
|
syz |
|
|
8 |
2240d |
2249d
|
11/28 |
2227d |
cee271678d0e
xsk: do not call synchronize_net() under RCU read lock
|
WARNING in pcpu_alloc
bpf
|
C |
|
|
4 |
2247d |
2256d
|
11/28 |
2246d |
b0584ea66d73
bpf: don't accept cgroup local storage with zero value size
|
WARNING: suspicious RCU usage in bpf_prog_array_copy_core
bpf
|
C |
|
|
22873 |
2290d |
2304d
|
8/28 |
2290d |
965931e3a803
bpf: fix a rcu usage warning in bpf_prog_array_copy_core()
|
KASAN: out-of-bounds Read in bpf_test_finish
bpf
net
|
|
|
|
9 |
2334d |
2340d
|
8/28 |
2311d |
6e6fddc78323
bpf: fix panic due to oob in bpf_prog_test_run_skb
|
WARNING: refcount bug in smap_release_sock
bpf
|
C |
|
|
55 |
2327d |
2366d
|
8/28 |
2311d |
7ebc14d507b4
bpf: sockmap, consume_skb in close path
547b3aa451ae
bpf: sockmap, error path can not release psock in multi-map case
|
KASAN: stack-out-of-bounds Read in bpf_tcp_close
bpf
|
C |
|
|
1 |
2331d |
2330d
|
8/28 |
2311d |
99ba2b5aba24
bpf: sockhash, disallow bpf_tcp_close and update in parallel
|
WARNING in bpf_check
bpf
|
|
|
|
3 |
2331d |
2337d
|
8/28 |
2311d |
c7a897843224
bpf: don't leave partial mangled prog in jit_subprogs error path
|
WARNING in do_debug (2)
bpf
|
|
|
|
1 |
2331d |
2331d
|
8/28 |
2311d |
99ba2b5aba24
bpf: sockhash, disallow bpf_tcp_close and update in parallel
|
KASAN: use-after-free Read in bpf_test_finish
bpf
net
|
C |
|
|
1211 |
2326d |
2340d
|
8/28 |
2311d |
6e6fddc78323
bpf: fix panic due to oob in bpf_prog_test_run_skb
|
WARNING in bpf_int_jit_compile
bpf
net
|
syz |
|
|
11 |
2348d |
2384d
|
8/28 |
2340d |
9facc336876f
bpf: reject any prog that failed read-only lock
|
possible deadlock in sock_hash_free
bpf
|
C |
|
|
45 |
2381d |
2381d
|
8/28 |
2340d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
|
WARNING: ODEBUG bug in sock_hash_free
bpf
|
|
|
|
1 |
2354d |
2353d
|
8/28 |
2340d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
|
KASAN: slab-out-of-bounds Read in bpf_csum_update
bpf
net
|
C |
|
|
2 |
2378d |
2375d
|
8/28 |
2340d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
INFO: rcu detected stall in is_bpf_text_address
bpf
|
C |
|
|
1 |
2391d |
2391d
|
8/28 |
2340d |
1d88ba1ebb27
sctp: not allow transport timeout value less than HZ/5 for hb_timer
|
KASAN: use-after-free Read in bpf_skb_change_proto
bpf
net
|
|
|
|
1 |
2370d |
2369d
|
8/28 |
2340d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
WARNING in bpf_prog_select_runtime
bpf
|
syz |
|
|
45 |
2364d |
2365d
|
8/28 |
2340d |
9facc336876f
bpf: reject any prog that failed read-only lock
|
KASAN: slab-out-of-bounds Read in bpf_skb_vlan_push
bpf
net
|
syz |
|
|
2 |
2366d |
2366d
|
8/28 |
2340d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
KASAN: use-after-free Read in skb_ensure_writable
bpf
net
|
C |
|
|
4 |
2369d |
2375d
|
8/28 |
2340d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
KASAN: use-after-free Read in bpf_tcp_close
bpf
|
C |
|
|
1748 |
2345d |
2384d
|
8/28 |
2340d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
|
BUG: unable to handle kernel paging request in bpf_prog_select_runtime
bpf
|
|
|
|
1 |
2356d |
2355d
|
8/28 |
2340d |
85782e037f8a
bpf: undo prog rejection on read-only lock failure
|
WARNING: kmalloc bug in xdp_umem_create
bpf
net
|
C |
|
|
7 |
2363d |
2369d
|
8/28 |
2340d |
a343993c518c
xsk: silence warning on memory allocation failure
|
KASAN: slab-out-of-bounds Read in bpf_skb_change_proto
bpf
net
|
C |
|
|
2 |
2369d |
2369d
|
8/28 |
2340d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
KASAN: slab-out-of-bounds Read in skb_ensure_writable
bpf
net
|
C |
|
|
9 |
2366d |
2375d
|
8/28 |
2340d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
KASAN: use-after-free Read in bpf_csum_update
bpf
net
|
C |
|
|
1 |
2378d |
2375d
|
8/28 |
2340d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
BUG: unable to handle kernel paging request in bpf_int_jit_compile
bpf
net
|
syz |
|
|
2 |
2352d |
2355d
|
8/28 |
2340d |
85782e037f8a
bpf: undo prog rejection on read-only lock failure
|
KASAN: use-after-free Write in bpf_tcp_close
bpf
|
C |
|
|
67 |
2347d |
2383d
|
8/28 |
2340d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
|
general protection fault in bpf_tcp_close
bpf
|
C |
|
|
421 |
2340d |
2384d
|
8/28 |
2340d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
54fedb42c653
bpf: sockmap, fix smap_list_map_remove when psock is in many maps
|
KASAN: slab-out-of-bounds Read in bpf_skb_change_head
bpf
net
|
C |
|
|
2 |
2366d |
2365d
|
8/28 |
2340d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
WARNING: kmalloc bug in map_get_next_key
bpf
|
C |
|
|
5 |
2393d |
2394d
|
8/28 |
2340d |
683d2ac3904c
bpf: fix sock hashmap kmalloc warning
|
KASAN: null-ptr-deref Write in xdp_umem_unaccount_pages
bpf
net
|
C |
|
|
25 |
2368d |
2372d
|
8/28 |
2340d |
c09290c56376
bpf, xdp: fix crash in xdp_umem_unaccount_pages
|
WARNING: kmalloc bug in memdup_user (3)
bpf
|
C |
|
|
137 |
2393d |
2394d
|
8/28 |
2340d |
683d2ac3904c
bpf: fix sock hashmap kmalloc warning
|
possible deadlock in bpf_tcp_close
bpf
|
C |
|
|
152 |
2381d |
2382d
|
8/28 |
2340d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
|
possible deadlock in perf_event_detach_bpf_prog
bpf
trace
|
|
|
|
1 |
2442d |
2442d
|
5/28 |
2402d |
3a38bb98d9ab
bpf/tracing: fix a deadlock in perf_event_detach_bpf_prog
|
WARNING in kvmalloc_node
bpf
net
|
C |
|
|
513 |
2479d |
2485d
|
4/28 |
2473d |
7fc17e909edf
bpf: cpumap: use GFP_KERNEL instead of GFP_ATOMIC in __cpu_map_entry_alloc()
|
general protection fault in SyS_bpf (2)
bpf
|
C |
|
|
1065 |
2473d |
2487d
|
4/28 |
2473d |
952fad8e3239
bpf: fix sock_map_alloc() error path
|
WARNING: kmalloc bug in bpf_prog_array_copy_info
bpf
|
C |
|
|
4424 |
2473d |
2485d
|
4/28 |
2473d |
9c481b908b01
bpf: fix bpf_prog_array_copy_to_user warning from perf event prog query
|
WARNING: kmalloc bug in cpu_map_update_elem
bpf
net
|
C |
|
|
2677 |
2473d |
2484d
|
4/28 |
2473d |
7fc17e909edf
bpf: cpumap: use GFP_KERNEL instead of GFP_ATOMIC in __cpu_map_entry_alloc()
|
general protection fault in ___bpf_prog_run
bpf
|
C |
|
|
8 |
2492d |
2500d
|
4/28 |
2487d |
65073a67331d
bpf: fix null pointer deref in bpf_prog_test_run_xdp
|
general protection fault in trie_get_next_key
bpf
|
C |
|
|
3 |
2504d |
2504d
|
4/28 |
2497d |
6dd1ec6c7a2c
bpf: fix kernel page fault in lpm map trie_get_next_key
|
KASAN: use-after-free Read in __bpf_prog_put
bpf
|
|
|
|
1 |
2519d |
2519d
|
4/28 |
2498d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
BUG: unable to handle kernel paging request in check_memory_region
bpf
|
C |
|
|
10 |
2515d |
2517d
|
4/28 |
2498d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
KASAN: use-after-free Read in map_lookup_elem
bpf
|
C |
|
|
6 |
2514d |
2517d
|
4/28 |
2498d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
suspicious RCU usage at ./include/linux/rcupdate.h:LINE (3)
bpf
|
C |
|
|
5087 |
2499d |
2508d
|
4/28 |
2498d |
2310035fa03f
bpf: fix incorrect kmalloc usage in lpm_trie MAP_GET_NEXT_KEY rcu region
|
general protection fault in copy_verifier_state
bpf
|
C |
|
|
2 |
2531d |
2527d
|
4/28 |
2498d |
5896351ea936
bpf: fix verifier GPF in kmalloc failure path
|
BUG: sleeping function called from invalid context at mm/slab.h:LINE (2)
bpf
|
|
|
|
2 |
2507d |
2507d
|
4/28 |
2498d |
2310035fa03f
bpf: fix incorrect kmalloc usage in lpm_trie MAP_GET_NEXT_KEY rcu region
|
WARNING in xdp_rxq_info_unreg
bpf
net
|
C |
|
|
198 |
2507d |
2508d
|
4/28 |
2498d |
c13da21cdb80
tun: avoid calling xdp_rxq_info_unreg() twice
|
general protection fault in free_verifier_state (2)
bpf
|
C |
|
|
2 |
2522d |
2522d
|
4/28 |
2498d |
5896351ea936
bpf: fix verifier GPF in kmalloc failure path
|
suspicious RCU usage at mm/slab.h:LINE
bpf
|
|
|
|
1 |
2507d |
2507d
|
4/28 |
2498d |
2310035fa03f
bpf: fix incorrect kmalloc usage in lpm_trie MAP_GET_NEXT_KEY rcu region
|
KASAN: slab-out-of-bounds Read in map_lookup_elem
bpf
|
C |
|
|
6 |
2514d |
2517d
|
4/28 |
2507d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
KASAN: use-after-free Write in array_map_update_elem
bpf
|
C |
|
|
11 |
2513d |
2515d
|
4/28 |
2508d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
BUG: unable to handle kernel paging request in bpf_fd_array_map_lookup_elem
bpf
|
|
|
|
5 |
2514d |
2517d
|
4/28 |
2508d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
general protection fault in __bpf_prog_put
bpf
|
C |
|
|
212 |
2513d |
2520d
|
4/28 |
2508d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
WARNING in ___bpf_prog_run
bpf
|
C |
|
|
28 |
2513d |
2520d
|
4/28 |
2508d |
7891a87efc71
bpf: arsh is not supported in 32 bit alu thus reject it
|
BUG: unable to handle kernel paging request in fd_array_map_delete_elem
bpf
|
|
|
|
11 |
2513d |
2520d
|
4/28 |
2508d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
KASAN: slab-out-of-bounds Read in perf_event_fd_array_release
bpf
|
C |
|
|
96 |
2513d |
2520d
|
4/28 |
2508d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
KASAN: use-after-free Read in bpf_fd_array_map_lookup_elem
bpf
|
|
|
|
21 |
2514d |
2519d
|
4/28 |
2508d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
general protection fault in __bpf_map_put
bpf
|
C |
|
|
331 |
2513d |
2520d
|
4/28 |
2508d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
general protection fault in cgroup_fd_array_put_ptr
bpf
|
C |
|
|
219 |
2513d |
2520d
|
4/28 |
2508d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
divide error in ___bpf_prog_run
bpf
|
C |
|
|
28 |
2510d |
2517d
|
4/28 |
2508d |
68fda450a7df
bpf: fix 32-bit divide by zero
|
KASAN: slab-out-of-bounds Read in bpf_fd_array_map_lookup_elem
bpf
|
|
|
|
7 |
2515d |
2519d
|
4/28 |
2508d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
KASAN: slab-out-of-bounds Write in array_map_update_elem
bpf
|
C |
|
|
6 |
2515d |
2515d
|
4/28 |
2508d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
BUG: unable to handle kernel paging request in __bpf_map_put
bpf
|
|
|
|
1 |
2517d |
2516d
|
4/28 |
2508d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
WARNING in adjust_ptr_min_max_vals
bpf
|
C |
|
|
252 |
2510d |
2527d
|
4/28 |
2508d |
6f16101e6a8b
bpf: mark dst unknown on inconsistent {s, u}bounds adjustments
|
general protection fault in free_verifier_state
bpf
|
C |
|
|
2 |
2540d |
2540d
|
3/28 |
2534d |
8c01c4f896aa
bpf: fix verifier NULL pointer dereference
|
general protection fault in bpf_check
bpf
|
|
|
|
3 |
2584d |
2589d
|
3/28 |
2563d |
8c01c4f896aa
bpf: fix verifier NULL pointer dereference
|