KASAN: slab-use-after-free Read in bpf_trace_run2 (2)
bpf
trace
|
syz |
error |
|
123 |
47d |
64d
|
27/28 |
never |
2e8a12b82c40
tracing: Fix syscall tracepoint use-after-free
|
KASAN: vmalloc-out-of-bounds Write in push_insn_history
bpf
|
|
|
|
136 |
12d |
25d
|
27/28 |
never |
d699440f58ce
mm: fix vrealloc()'s KASAN poisoning logic
|
KASAN: vmalloc-out-of-bounds Write in vrealloc_noprof
bpf
|
C |
done |
|
46 |
17h17m |
26d
|
27/28 |
never |
d699440f58ce
mm: fix vrealloc()'s KASAN poisoning logic
|
WARNING in vmap_pages_range_noflush (2)
bpf
net
|
C |
error |
|
250 |
851d |
853d
|
1/28 |
never |
mm/gup.c: Fix return value for __gup_longterm_locked()
|
possible deadlock in lock_timer_base
bpf
trace
|
C |
|
|
134 |
14d |
1448d
|
1/28 |
never |
kfence: fix potential deadlock due to wake_up()
|
general protection fault in bpf_prog_array_delete_safe
bpf
|
C |
done |
|
5 |
12d |
14d
|
26/28 |
never |
978c4486cca5
bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog
|
BUG: using smp_processor_id() in preemptible code in bpf_mem_alloc
bpf
|
C |
done |
|
12 |
36d |
33d
|
28/28 |
4d01h |
4ff04abf9d5b
bpf: Add necessary migrate_disable to range_tree.
|
WARNING in push_jmp_history
bpf
|
C |
done |
|
5 |
74d |
74d
|
28/28 |
37d |
aa30eb3260b2
bpf: Force checkpoint when jmp history is too long
|
general protection fault in dev_map_enqueue (2)
bpf
net
|
C |
error |
done |
336 |
142d |
208d
|
28/28 |
38d |
09d88791c7cd
bpf: Make sure internal and UAPI bpf_redirect flags don't overlap
|
WARNING in sock_map_close (2)
bpf
net
|
C |
done |
|
3 |
121d |
120d
|
28/28 |
59d |
1461f5a3d810
l2tp: avoid overriding sk->sk_user_data
|
BUG: unable to handle kernel paging request in bpf_prog_ADDR (3)
bpf
net
|
C |
done |
|
6 |
161d |
160d
|
28/28 |
59d |
92de36080c93
bpf: Fail verification for sign-extension of packet data/data_end/data_meta
|
KASAN: slab-use-after-free Read in htab_map_alloc (2)
bpf
|
|
|
|
224 |
224d |
231d
|
27/28 |
99d |
86735b57c905
net/sched: unregister lockdep keys in qdisc_create/qdisc_alloc error path
|
KASAN: stack-out-of-bounds Read in xdp_do_check_flushed
bpf
net
|
C |
done |
|
127 |
141d |
161d
|
27/28 |
120d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
general protection fault in __dev_flush
net
bpf
|
C |
|
|
35 |
141d |
155d
|
27/28 |
120d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
general protection fault in bq_flush_to_queue
bpf
net
|
|
|
|
22 |
141d |
150d
|
27/28 |
120d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
KASAN: slab-use-after-free Read in bq_xmit_all
bpf
net
|
C |
done |
|
29 |
141d |
155d
|
27/28 |
120d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
general protection fault in __xsk_map_flush
bpf
net
|
C |
done |
|
26 |
141d |
158d
|
27/28 |
120d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
general protection fault in __cpu_map_flush
bpf
net
|
C |
inconclusive |
|
25 |
141d |
155d
|
27/28 |
120d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
general protection fault in xdp_do_generic_redirect
net
bpf
|
|
|
|
8 |
165d |
169d
|
27/28 |
129d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
general protection fault in dev_map_redirect
bpf
net
|
C |
|
|
362 |
165d |
172d
|
27/28 |
129d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
stack segment fault in dev_hash_map_redirect
bpf
net
|
C |
done |
|
29 |
165d |
172d
|
27/28 |
129d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
general protection fault in xdp_do_redirect
bpf
net
|
|
|
|
15 |
166d |
172d
|
27/28 |
129d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
stack segment fault in bpf_xdp_redirect
bpf
net
|
C |
|
|
181 |
165d |
172d
|
27/28 |
129d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
stack segment fault in cpu_map_redirect
net
bpf
|
C |
done |
|
11 |
165d |
164d
|
27/28 |
129d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
WARNING in bpf_lwt_seg6_adjust_srh
bpf
net
|
C |
done |
|
30 |
164d |
178d
|
27/28 |
129d |
c13fda93aca1
bpf: Remove tst_run from lwt_seg6local_prog_ops.
|
possible deadlock in console_flush_all (2)
trace
bpf
|
C |
error |
|
52996 |
165d |
440d
|
26/28 |
164d |
ae01e52da244
serial: drop debugging WARN_ON_ONCE() from uart_write()
|
WARNING in skb_ensure_writable
bpf
net
|
C |
done |
|
2893 |
165d |
242d
|
26/28 |
164d |
2bbe3e5a2f4e
bpf: Avoid splat in pskb_pull_reason
|
INFO: task hung in bpf_prog_dev_bound_destroy
bpf
|
|
|
|
94 |
184d |
195d
|
26/28 |
164d |
d864319871b0
net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
|
possible deadlock in __sock_map_delete
bpf
net
|
C |
|
|
14 |
207d |
251d
|
26/28 |
172d |
98e948fb60d4
bpf: Allow delete from sockmap/sockhash only if update is allowed
|
general protection fault in bpf_get_attach_cookie_tracing
bpf
trace
|
C |
error |
|
7 |
198d |
229d
|
26/28 |
186d |
d0d1df8ba18a
bpf: Set run context for rawtp test_run callback
|
KASAN: slab-use-after-free Read in bpf_link_free (2)
bpf
|
syz |
|
|
52 |
195d |
208d
|
26/28 |
186d |
2884dc7d08d9
bpf: Fix a potential use-after-free in bpf_link_free()
|
WARNING in sock_map_close
bpf
net
|
C |
error |
|
182 |
193d |
256d
|
25/28 |
193d |
4b4647add7d3
sock_map: avoid race between sock_map_close and sk_psock_put
|
possible deadlock in sock_hash_delete_elem (2)
bpf
net
|
C |
|
|
1127 |
194d |
276d
|
25/28 |
193d |
98e948fb60d4
bpf: Allow delete from sockmap/sockhash only if update is allowed
|
KMSAN: uninit-value in __bpf_strtoull
bpf
|
C |
|
|
119 |
200d |
276d
|
25/28 |
198d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
KMSAN: uninit-value in trie_delete_elem
bpf
|
C |
|
|
52 |
199d |
269d
|
25/28 |
198d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
KMSAN: uninit-value in dev_map_lookup_elem
bpf
net
|
C |
|
|
3 |
264d |
271d
|
25/28 |
198d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
KMSAN: uninit-value in trie_lookup_elem
bpf
|
C |
|
|
12 |
256d |
274d
|
25/28 |
198d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
possible deadlock in kvfree_call_rcu
bpf
|
C |
|
|
1431 |
200d |
269d
|
25/28 |
198d |
59f2f841179a
bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie.
|
BUG: unable to handle kernel paging request in bpf_prog_ADDR (2)
bpf
|
C |
|
|
3 |
242d |
256d
|
25/28 |
198d |
543576ec15b1
bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE
|
KMSAN: uninit-value in array_map_lookup_elem
bpf
|
C |
|
|
10 |
254d |
274d
|
25/28 |
198d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
KMSAN: uninit-value in sock_map_delete_elem
bpf
net
|
C |
|
|
44 |
200d |
270d
|
25/28 |
198d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
WARNING in __mark_chain_precision (4)
bpf
|
C |
|
|
8 |
243d |
263d
|
25/28 |
198d |
1f2a74b41ea8
bpf: prevent r10 register from being marked as precise
|
KASAN: stack-out-of-bounds Read in hash
bpf
|
C |
done |
|
5 |
251d |
258d
|
25/28 |
212d |
a8d89feba7e5
bpf: Check bloom filter map value size
|
possible deadlock in force_sig_info_to_task
bpf
trace
|
C |
error |
|
6 |
232d |
240d
|
25/28 |
212d |
02b670c1f88e
x86/mm: Remove broken vsyscall emulation code from the page fault code
|
KCSAN: data-race in sk_psock_drop / sk_psock_skb_ingress_enqueue
bpf
net
|
|
|
|
1 |
281d |
273d
|
25/28 |
212d |
6648e613226e
bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue
|
possible deadlock in tty_port_tty_get (2)
bpf
net
|
|
|
|
3 |
255d |
274d
|
25/28 |
212d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in put_pwq_unlocked
trace
bpf
|
|
|
|
3 |
250d |
249d
|
25/28 |
212d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
WARNING in sock_map_delete_elem
bpf
net
|
C |
|
|
17183 |
239d |
277d
|
25/28 |
212d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in scheduler_tick (3)
bpf
net
|
C |
|
|
1179 |
239d |
275d
|
25/28 |
212d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in pit_timer_fn
bpf
net
|
|
|
|
7 |
249d |
261d
|
25/28 |
212d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in rcu_exp_handler
bpf
net
|
C |
|
|
1 |
252d |
248d
|
25/28 |
212d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in rcu_report_exp_cpu_mult
net
bpf
|
C |
done |
|
30 |
240d |
278d
|
25/28 |
212d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in try_to_wake_up (4)
bpf
net
|
C |
error |
|
19 |
214d |
277d
|
25/28 |
212d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in ahci_single_level_irq_intr
bpf
net
|
C |
|
|
10 |
261d |
269d
|
25/28 |
212d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
WARNING in sock_map_unref
bpf
net
|
C |
error |
|
97 |
239d |
253d
|
25/28 |
212d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in __lock_task_sighand (2)
bpf
net
|
C |
|
|
1476 |
213d |
277d
|
25/28 |
212d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
WARNING in sock_hash_delete_elem
bpf
net
|
C |
done |
|
16982 |
239d |
277d
|
25/28 |
212d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in hrtimer_run_queues
net
bpf
|
C |
error |
|
592 |
239d |
276d
|
25/28 |
212d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in swake_up_one
bpf
net
|
C |
|
|
4 |
251d |
249d
|
25/28 |
212d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in pwq_dec_nr_in_flight
trace
bpf
|
|
|
|
1 |
255d |
251d
|
25/28 |
212d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
WARNING in _prb_commit
net
bpf
|
|
|
|
4 |
250d |
246d
|
25/28 |
212d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in posix_timer_fn (2)
net
bpf
|
|
|
|
1 |
253d |
249d
|
25/28 |
212d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in drm_handle_vblank
bpf
net
|
|
|
|
30 |
250d |
275d
|
25/28 |
212d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
KASAN: slab-out-of-bounds Read in xsk_setsockopt
bpf
net
|
C |
|
|
17 |
251d |
260d
|
25/28 |
212d |
237f3cf13b20
xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING
|
UBSAN: array-index-out-of-bounds in check_stack_range_initialized
bpf
|
C |
error |
|
21 |
243d |
276d
|
25/28 |
212d |
ecc6a2101840
bpf: Protect against int overflow for stack access size
|
general protection fault in dev_map_enqueue
bpf
net
|
C |
|
|
676 |
212d |
269d
|
25/28 |
212d |
5bcf0dcbf906
xdp: use flags field to disambiguate broadcast redirect
|
KASAN: slab-use-after-free Read in bpf_link_free
bpf
|
syz |
|
|
181 |
212d |
260d
|
25/28 |
212d |
1a80dbcb2dba
bpf: support deferring bpf_link dealloc to after RCU grace period
|
KASAN: slab-use-after-free Read in bpf_trace_run4
bpf
trace
|
C |
error |
|
169 |
256d |
275d
|
25/28 |
212d |
1a80dbcb2dba
bpf: support deferring bpf_link dealloc to after RCU grace period
|
KASAN: slab-use-after-free Read in bpf_trace_run2
bpf
trace
|
C |
error |
|
653 |
256d |
275d
|
25/28 |
212d |
1a80dbcb2dba
bpf: support deferring bpf_link dealloc to after RCU grace period
|
KASAN: slab-use-after-free Read in bpf_trace_run1
bpf
trace
|
C |
error |
|
78 |
257d |
271d
|
25/28 |
212d |
1a80dbcb2dba
bpf: support deferring bpf_link dealloc to after RCU grace period
|
linux-next boot error: WARNING in register_btf_kfunc_id_set
bpf
|
|
|
|
9 |
323d |
323d
|
25/28 |
254d |
a05e90427ef6
bpf: btf: Add BTF_KFUNCS_START/END macro pair
|
general protection fault in bpf_struct_ops_find_value
bpf
|
C |
done |
|
9 |
328d |
330d
|
25/28 |
255d |
e6be8cd5d3cf
bpf: Fix error checks against bpf_get_btf_vmlinux().
|
BUG: unable to handle kernel NULL pointer dereference in dev_map_hash_update_elem
bpf
net
|
C |
|
|
2 |
299d |
306d
|
25/28 |
255d |
281d464a34f5
bpf: Fix DEVMAP_HASH overflow check on 32-bit arches
|
general protection fault in btf_is_module
bpf
|
C |
error |
|
318 |
327d |
331d
|
25/28 |
255d |
e6be8cd5d3cf
bpf: Fix error checks against bpf_get_btf_vmlinux().
|
BUG: unable to handle kernel NULL pointer dereference in unix_stream_sendmsg
bpf
net
|
C |
|
|
1 |
298d |
298d
|
25/28 |
263d |
4cd12c6065df
bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready()
|
BUG: unable to handle kernel NULL pointer dereference in sk_psock_verdict_data_ready
net
bpf
|
C |
unreliable |
|
15 |
293d |
413d
|
25/28 |
263d |
4cd12c6065df
bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready()
|
WARNING in __mark_chain_precision (3)
bpf
|
C |
done |
|
19 |
355d |
376d
|
25/28 |
325d |
482d548d40b0
bpf: handle fake register spill to stack with BPF_ST_MEM instruction
|
KASAN: slab-use-after-free Read in nla_find
bpf
net
|
C |
done |
|
4 |
369d |
368d
|
25/28 |
325d |
2130c519a401
bpf: Use nla_ok() instead of checking nla_len directly
|
WARNING: locking bug in corrupted (2)
bpf
reiserfs
|
C |
done |
done |
1 |
375d |
529d
|
25/28 |
325d |
6f861765464f
fs: Block writes to mounted block devices
|
WARNING in __sk_msg_free
bpf
net
|
C |
done |
|
4 |
352d |
350d
|
25/28 |
325d |
dc9dfc8dc629
net: tls, fix WARNIING in __sk_msg_free
|
kernel BUG in prog_array_map_poke_run
bpf
|
C |
done |
done |
35 |
369d |
409d
|
25/28 |
333d |
4b7de801606e
bpf: Fix prog_array_map_poke_run map poke update
|
KASAN: null-ptr-deref Write in unix_stream_bpf_update_proto
bpf
net
|
C |
done |
|
54 |
356d |
386d
|
25/28 |
335d |
8d6650646ce4
bpf: syzkaller found null ptr deref in unix_bpf proto add
|
WARNING in bpf_mprog_pos_after
bpf
|
|
|
|
3 |
451d |
460d
|
25/28 |
366d |
f9b0e1088bbf
bpf, mprog: Fix maximum program check on mprog attachment
|
WARNING: zero-size vmalloc in xskq_create
bpf
net
|
|
|
|
20 |
435d |
443d
|
25/28 |
366d |
a12bbb3cccf0
xdp: Fix zero-size allocation warning in xskq_create()
|
WARNING: zero-size vmalloc in print_tainted
bpf
net
|
C |
|
|
79 |
558d |
592d
|
25/28 |
366d |
a12bbb3cccf0
xdp: Fix zero-size allocation warning in xskq_create()
|
WARNING in bpf_mprog_attach
bpf
|
C |
|
|
3 |
444d |
451d
|
25/28 |
366d |
f9b0e1088bbf
bpf, mprog: Fix maximum program check on mprog attachment
|
WARNING in bpf_mprog_pos_before
bpf
|
C |
done |
|
26 |
444d |
451d
|
25/28 |
366d |
f9b0e1088bbf
bpf, mprog: Fix maximum program check on mprog attachment
|
general protection fault in bpf_prog_offload_verifier_prep
bpf
|
C |
done |
|
31 |
456d |
474d
|
25/28 |
366d |
1a49f4195d34
bpf: Avoid dummy bpf_offload_netdev in __bpf_prog_dev_bound_init
|
WARNING: refcount bug in xp_put_pool
bpf
net
|
C |
done |
|
2 |
510d |
509d
|
23/28 |
435d |
85c2c79a0730
xsk: fix refcount underflow in error path
|
KASAN: slab-use-after-free Read in xsk_diag_dump
net
bpf
|
C |
done |
|
9 |
471d |
480d
|
23/28 |
435d |
3e019d8a05a3
xsk: Fix xsk_diag use-after-free error during socket cleanup
|
UBSAN: array-index-out-of-bounds in bpf_mprog_detach
bpf
|
|
|
|
3 |
504d |
510d
|
23/28 |
435d |
d210f9735e13
bpf: Fix mprog detachment for empty mprog entry
|
KCSAN: data-race in bpf_percpu_array_update / bpf_percpu_array_update (2)
bpf
|
|
|
|
1 |
480d |
480d
|
23/28 |
435d |
6a86b5b5cd76
bpf: Annotate bpf_long_memcpy with data_race
|
WARNING in tcx_uninstall
bpf
net
|
C |
done |
|
7 |
510d |
514d
|
23/28 |
435d |
079082c60aff
tcx: Fix splat during dev unregister
|
WARNING in bpf_xdp_adjust_tail (4)
bpf
|
C |
error |
|
466 |
501d |
711d
|
23/28 |
435d |
d14eea09edf4
net: core: remove unnecessary frame_sz check in bpf_xdp_adjust_tail()
|
KMSAN: uninit-value in ieee802154_subif_start_xmit
bpf
|
C |
done |
|
119 |
506d |
502d
|
23/28 |
435d |
db2baf82b098
bpf: Fix an incorrect verification success with movsx insn
|
WARNING: ODEBUG bug in tcx_uninstall
net
bpf
|
C |
done |
|
38 |
515d |
519d
|
23/28 |
435d |
dc644b540a2d
tcx: Fix splat in ingress_destroy upon tcx_entry_free
|
INFO: rcu detected stall in ext4_file_write_iter (7)
mm
bpf
ext4
|
|
|
|
3 |
477d |
519d
|
23/28 |
435d |
8c21ab1bae94
net/sched: fq_pie: avoid stalls in fq_pie_timer()
|
UBSAN: array-index-out-of-bounds in print_bpf_insn
bpf
|
C |
done |
|
9 |
507d |
509d
|
23/28 |
435d |
e99688eba2e9
bpf: Fix an array-index-out-of-bounds issue in disasm.c
|
KCSAN: data-race in __bpf_lru_list_rotate / __htab_lru_percpu_map_update_elem (5)
bpf
|
|
|
|
13 |
544d |
606d
|
23/28 |
449d |
ee9fd0ac3017
bpf: Address KCSAN report on bpf_lru_list
|
WARNING in btf_type_id_size (2)
bpf
|
C |
error |
|
8 |
545d |
576d
|
23/28 |
449d |
e6c2f594ed96
bpf: Silence a warning in btf_type_id_size()
|
WARNING: bad unlock balance in bpf
bpf
|
C |
done |
|
12 |
574d |
575d
|
23/28 |
449d |
4266f41feaee
bpf: Fix bad unlock balance on freeze_mutex
|
WARNING in bpf_verifier_vlog
bpf
|
C |
inconclusive |
|
6 |
597d |
834d
|
23/28 |
449d |
cff36398bd4c
bpf: drop unnecessary user-triggerable WARN_ONCE in verifierl log
|
BUG: unable to handle kernel NULL pointer dereference in __build_skb_around
net
bpf
|
C |
done |
|
29 |
641d |
646d
|
22/28 |
561d |
e5995bc7e2ba
bpf, test_run: fix crashes due to XDP frame overwriting/corruption
|
KASAN: slab-out-of-bounds Write in copy_array (2)
bpf
|
|
|
|
108 |
562d |
590d
|
22/28 |
561d |
45435d8da71f
bpf: Always use maximal size for copy_array()
|
riscv/fixes boot error: WARNING in __apply_to_page_range (2)
bpf
|
|
|
|
5 |
669d |
731d
|
22/28 |
561d |
96f9d4daf745
riscv: Rework kasan population functions
|
general protection fault in bpf_struct_ops_link_create
bpf
net
|
C |
done |
|
17 |
635d |
638d
|
22/28 |
561d |
55fbae05476d
bpf: Check IS_ERR for the bpf_map_get() return value
|
WARNING in sock_map_del_link
bpf
net
|
|
|
|
91 |
617d |
617d
|
22/28 |
561d |
8c5c2a4898e3
bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap
|
KASAN: slab-out-of-bounds Write in copy_verifier_state
bpf
|
C |
error |
done |
825 |
715d |
733d
|
22/28 |
561d |
45435d8da71f
bpf: Always use maximal size for copy_array()
|
BUG: stack guard page was hit in inet6_release
bpf
net
|
C |
done |
|
4 |
696d |
745d
|
22/28 |
561d |
ddce1e091757
bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener
|
possible deadlock in bpf_trace_printk
bpf
trace
|
C |
done |
done |
68 |
670d |
925d
|
22/28 |
638d |
05b24ff9b2cf
bpf: Prevent bpf program recursion for raw tracepoint probes
|
KASAN: vmalloc-out-of-bounds Read in bpf_jit_free
bpf
|
C |
|
|
68 |
865d |
1040d
|
22/28 |
665d |
1d5f82d9dd47
bpf, x86: fix freeing of not-finalized bpf_prog_pack
d24d2a2b0a81
bpf: bpf_prog_pack: Set proper size before freeing ro_header
|
WARNING: kmalloc bug in xdp_umem_create (2)
bpf
net
|
C |
done |
|
21 |
1045d |
1111d
|
22/28 |
665d |
0708a0afe291
mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls
|
BUG: sleeping function called from invalid context in sk_psock_skb_ingress_self
net
bpf
|
C |
done |
|
151 |
775d |
797d
|
22/28 |
665d |
2d1f274b95c6
skmsg: pass gfp argument to alloc_sk_msg()
|
WARNING in bpf_skb_load_helper_16_no_cache
bpf
|
C |
done |
|
6 |
872d |
902d
|
22/28 |
665d |
0326195f523a
bpf: Make sure mac_header was set before using it
|
KASAN: vmalloc-out-of-bounds Write in ringbuf_map_alloc
bpf
|
C |
done |
|
541 |
1051d |
1054d
|
22/28 |
665d |
b293dcc473d2
bpf: Use VM_MAP instead of VM_ALLOC for ringbuf
|
bpf-next boot error: WARNING in bpf_prog_pack_free
bpf
|
|
|
|
12 |
1005d |
1006d
|
22/28 |
665d |
96805674e562
bpf: Fix bpf_prog_pack for multi-node setup
|
KASAN: slab-out-of-bounds Write in bpf_prog_test_run_xdp
bpf
net
|
C |
done |
|
18 |
1041d |
1059d
|
22/28 |
665d |
a6763080856f
bpf: test_run: Fix OOB access in bpf_prog_test_run_xdp
|
general protection fault in do_check_common
bpf
|
C |
done |
|
5 |
898d |
902d
|
22/28 |
665d |
d1a6edecc1fd
bpf: Check attach_func_proto more carefully in check_return_code
|
WARNING in bpf_test_finish
net
bpf
|
C |
done |
|
3 |
1027d |
1027d
|
22/28 |
665d |
530e214c5b5a
bpf, test_run: Fix overflow in XDP frags bpf_test_finish
|
KMSAN: uninit-value in ___bpf_prog_run (3)
bpf
|
C |
|
|
5 |
980d |
982d
|
22/28 |
665d |
99c07327ae11
netlink: reset network and mac headers in netlink_dump()
|
general protection fault in check_helper_call
bpf
|
C |
done |
|
4 |
885d |
889d
|
22/28 |
665d |
d1a6edecc1fd
bpf: Check attach_func_proto more carefully in check_return_code
|
general protection fault in btf_decl_tag_resolve
bpf
|
C |
done |
|
6 |
1052d |
1052d
|
22/28 |
665d |
d7e7b42f4f95
bpf: Fix a btf decl_tag bug when tagging a function
|
BUG: missing reserved tailroom
bpf
net
|
C |
done |
|
2 |
1017d |
1016d
|
22/28 |
665d |
b6f1f780b393
bpf, test_run: Fix packet size check for live packet mode
|
KASAN: slab-out-of-bounds Write in __build_skb_around
bpf
net
|
C |
error |
|
2536 |
739d |
753d
|
22/28 |
665d |
ce098da1497c
skbuff: Introduce slab_build_skb()
|
WARNING in btf_type_id_size
bpf
|
C |
done |
|
10 |
726d |
797d
|
22/28 |
665d |
ea68376c8bed
bpf: prevent decl_tag from being referenced in func_proto
|
WARNING: ODEBUG bug in htab_map_alloc
bpf
|
C |
|
|
6456 |
809d |
833d
|
22/28 |
665d |
cf7de6a53600
bpf: add missing percpu_counter_destroy() in htab_map_alloc()
|
WARNING: kmalloc bug in bpf
bpf
|
C |
done |
done |
562 |
1003d |
1121d
|
22/28 |
665d |
0708a0afe291
mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls
|
WARNING in bpf_skb_load_helper_32
bpf
|
C |
done |
|
9 |
867d |
898d
|
22/28 |
665d |
0326195f523a
bpf: Make sure mac_header was set before using it
|
WARNING in bpf_bprintf_prepare (2)
bpf
|
C |
|
|
2 |
799d |
838d
|
22/28 |
665d |
05b24ff9b2cf
bpf: Prevent bpf program recursion for raw tracepoint probes
|
WARNING in check_map_prog_compatibility
bpf
|
C |
inconclusive |
done |
128 |
817d |
980d
|
22/28 |
665d |
34dd3bad1a6f
bpf: Relax the requirement to use preallocated hash maps in tracing progs.
|
bpf-next boot error: KASAN: global-out-of-bounds Read in task_iter_init
bpf
|
|
|
|
42 |
1134d |
1138d
|
20/28 |
1018d |
9e2ad638ae36
bpf: Extend BTF_ID_LIST_GLOBAL with parameter for number of IDs
|
general protection fault in bpf_skb_cgroup_id
bpf
net
|
C |
inconclusive |
|
107 |
1175d |
1190d
|
20/28 |
1018d |
435b08ec0094
bpf, test, cgroup: Use sk_{alloc,free} for test cases
|
general protection fault in bpf_skb_ancestor_cgroup_id
bpf
net
|
C |
unreliable |
|
232 |
1174d |
1190d
|
20/28 |
1018d |
435b08ec0094
bpf, test, cgroup: Use sk_{alloc,free} for test cases
|
general protection fault in dev_get_by_index_rcu (2)
bpf
net
|
C |
error |
|
18 |
1078d |
1078d
|
20/28 |
1018d |
382778edc826
xdp: check prog type before updating BPF link
|
WARNING: kmalloc bug in bpf_check
bpf
|
C |
done |
|
34 |
1192d |
1204d
|
20/28 |
1018d |
0e6491b55970
bpf: Add oversize check before call kvcalloc()
|
KASAN: vmalloc-out-of-bounds Read in bpf_prog_put
bpf
|
C |
done |
|
2 |
1098d |
1097d
|
20/28 |
1018d |
218d747a4142
bpf, sockmap: Fix double bpf_prog_put on error case in map_link
|
WARNING in bpf_bprintf_prepare
bpf
|
C |
unreliable |
|
96 |
1282d |
1320d
|
20/28 |
1137d |
e2d5b2bb769f
bpf: Fix nested bpf_bprintf_prepare with more per-cpu buffers
|
UBSAN: shift-out-of-bounds in ___bpf_prog_run
bpf
|
C |
unreliable |
|
38 |
1271d |
1381d
|
20/28 |
1137d |
28131e9d9333
bpf: Fix up register-based shifts in interpreter to silence KUBSAN
|
KASAN: use-after-free Write in sk_psock_stop
bpf
net
|
syz |
done |
|
74 |
1335d |
1355d
|
20/28 |
1137d |
aadb2bb83ff7
sock_map: Fix a potential use-after-free in sock_map_close()
|
memory leak in bpf (2)
bpf
|
C |
|
|
3 |
1291d |
1360d
|
20/28 |
1137d |
ccff81e1d028
bpf: Fix false positive kmemleak report in bpf_ringbuf_area_alloc()
|
general protection fault in btf_type_id_size
bpf
|
C |
unreliable |
|
6 |
1387d |
1384d
|
20/28 |
1137d |
350a5c4dd245
bpf: Dont allow vmlinux BTF to be used in map_create and prog_load.
|
WARNING: suspicious RCU usage in tcp_bpf_update_proto
bpf
net
|
C |
done |
|
539 |
1335d |
1355d
|
20/28 |
1137d |
51e0158a5432
skmsg: Pass psock pointer to ->psock_update_sk_prot()
|
WARNING: suspicious RCU usage in bpf_get_current_cgroup_id
bpf
|
C |
done |
|
764 |
1207d |
1246d
|
20/28 |
1137d |
2d3a1e3615c5
bpf: Add rcu_read_lock in bpf_get_current_[ancestor_]cgroup_id() helpers
|
WARNING in tracepoint_add_func
bpf
trace
|
C |
done |
|
20635 |
1253d |
1637d
|
20/28 |
1137d |
9913d5745bd7
tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing
|
KASAN: vmalloc-out-of-bounds Read in bpf_trace_run2
trace
bpf
|
C |
done |
done |
5 |
1394d |
1552d
|
20/28 |
1347d |
befe6d946551
tracepoint: Do not fail unregistering a probe due to memory failure
|
BUG: unable to handle kernel paging request in bpf_trace_run2
bpf
trace
|
C |
done |
done |
10 |
1391d |
1552d
|
20/28 |
1347d |
befe6d946551
tracepoint: Do not fail unregistering a probe due to memory failure
|
KMSAN: uninit-value in bpf_iter_prog_supported
bpf
|
|
|
|
4479 |
1351d |
1412d
|
20/28 |
1351d |
17d8beda277a
bpf: Fix an unitialized value in bpf_iter
|
KCSAN: data-race in bpf_lru_pop_free / bpf_lru_push_free
bpf
|
|
|
|
237 |
1399d |
1586d
|
20/28 |
1351d |
6df8fb83301d
bpf_lru_list: Read double-checked variable once without lock
|
KCSAN: data-race in __bpf_lru_list_rotate / bpf_lru_push_free (2)
bpf
|
|
|
|
32 |
1405d |
1474d
|
20/28 |
1351d |
6df8fb83301d
bpf_lru_list: Read double-checked variable once without lock
|
KASAN: vmalloc-out-of-bounds Read in bpf_trace_run3
bpf
trace
|
C |
done |
|
6 |
1407d |
1509d
|
20/28 |
1351d |
befe6d946551
tracepoint: Do not fail unregistering a probe due to memory failure
|
BUG: unable to handle kernel paging request in bpf_trace_run3
bpf
trace
|
C |
done |
|
40 |
1398d |
1521d
|
20/28 |
1351d |
befe6d946551
tracepoint: Do not fail unregistering a probe due to memory failure
|
memory leak in xskq_create
bpf
net
|
C |
|
|
7 |
1448d |
1468d
|
19/28 |
1382d |
8bee68338408
xsk: Fix memory leak for failed bind
|
BUG: unable to handle kernel paging request in htab_map_alloc (2)
bpf
|
C |
unreliable |
|
8 |
1469d |
1477d
|
19/28 |
1382d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
BUG: unable to handle kernel paging request in bpf_lru_populate
bpf
|
C |
done |
|
12 |
1468d |
1474d
|
19/28 |
1382d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
general protection fault in xsk_recvmsg
bpf
net
|
C |
done |
unreliable |
1800 |
1467d |
1436d
|
19/28 |
1382d |
3546b9b8eced
xsk: Validate socket state in xsk_recvmsg, prior touching socket members
|
KASAN: vmalloc-out-of-bounds Write in pcpu_freelist_populate
bpf
|
|
|
|
6 |
1471d |
1474d
|
19/28 |
1382d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
KASAN: use-after-free Read in htab_map_alloc
bpf
|
C |
done |
|
38 |
1509d |
1512d
|
19/28 |
1382d |
8aaeed81fcb9
bpf: Fix error path in htab_map_alloc()
|
BUG: unable to handle kernel paging request in htab_free_elems
bpf
|
|
|
|
1 |
1476d |
1476d
|
19/28 |
1382d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
KASAN: vmalloc-out-of-bounds Write in htab_map_alloc
bpf
|
|
|
|
6 |
1469d |
1478d
|
19/28 |
1382d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
BUG: unable to handle kernel paging request in pcpu_freelist_populate
bpf
|
C |
unreliable |
|
42 |
1467d |
1478d
|
19/28 |
1382d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
KASAN: vmalloc-out-of-bounds Read in htab_free_elems
bpf
|
C |
unreliable |
|
7 |
1475d |
1476d
|
19/28 |
1382d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
KASAN: vmalloc-out-of-bounds Write in bpf_lru_populate
bpf
|
C |
unreliable |
|
19 |
1468d |
1478d
|
19/28 |
1382d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
general protection fault in xsk_release
bpf
net
|
C |
done |
|
2 |
1548d |
1547d
|
15/28 |
1495d |
1fd17c8cd0aa
xsk: Fix possible crash in socket_release when out-of-memory
|
KASAN: use-after-free Write in xp_put_pool
bpf
net
|
C |
done |
|
50 |
1549d |
1571d
|
15/28 |
1495d |
83cf5c68d663
xsk: Fix use-after-free in failed shared_umem bind
|
general protection fault in xsk_is_setup_for_bpf_map
bpf
net
|
C |
error |
|
294 |
1548d |
1571d
|
15/28 |
1495d |
968be23ceaca
xsk: Fix possible segfault at xskmap entry insertion
|
WARNING in bpf_raw_tp_link_fill_link_info
bpf
|
C |
error |
|
56 |
1548d |
1563d
|
15/28 |
1495d |
b474959d5afd
bpf: Fix a buffer out-of-bound access when filling raw_tp link_info
|
memory leak in xdp_umem_create
net
bpf
|
C |
|
|
17 |
1499d |
1519d
|
15/28 |
1495d |
e5e1a4bc916d
xsk: Fix possible memory leak at socket close
|
general protection fault in xsk_diag_dump (2)
bpf
net
|
C |
|
|
354 |
1552d |
1571d
|
15/28 |
1495d |
53ea2076d851
xsk: Fix possible segfault in xsk umem diagnostics
|
general protection fault in __btf_resolve_helper_id
bpf
|
C |
|
|
17 |
1621d |
1629d
|
15/28 |
1556d |
5b801dfb7feb
bpf: Fix NULL pointer dereference in __btf_resolve_helper_id()
|
KASAN: use-after-free Write in bpf_link_put
bpf
|
|
|
|
2 |
1694d |
1696d
|
15/28 |
1617d |
138c67677ff5
bpf: Fix use-after-free of bpf_link when priming half-fails
|
general protection fault in sock_hash_free
net
bpf
|
|
|
|
1 |
1662d |
1662d
|
15/28 |
1617d |
75e68e5bf2c7
bpf, sockhash: Synchronize delete from bucket list on map free
|
BUG: unable to handle kernel NULL pointer dereference in smp_call_function_many_cond (2)
bpf
|
|
|
|
1 |
1641d |
1641d
|
15/28 |
1617d |
3021e69219e2
kcov: check kcov_softirq in kcov_remote_stop()
|
KMSAN: uninit-value in bpf_skb_load_helper_32_no_cache
net
bpf
|
|
|
|
2 |
1780d |
1779d
|
15/28 |
1710d |
457fed775c97
net/smc: fix leak of kernel memory to user space
|
possible deadlock in htab_lru_map_delete_node
bpf
|
C |
done |
|
264 |
1763d |
1769d
|
15/28 |
1710d |
b9aff38de2cb
bpf: Fix a potential deadlock with bpf_map_do_batch
|
possible deadlock in bpf_lru_push_free
bpf
|
C |
done |
|
609 |
1764d |
1770d
|
15/28 |
1710d |
b9aff38de2cb
bpf: Fix a potential deadlock with bpf_map_do_batch
|
BUG: sleeping function called from invalid context in lock_sock_nested
bpf
net
|
C |
|
|
1232 |
1767d |
1843d
|
15/28 |
1767d |
37f96694cf73
crypto: af_alg - Use bh_lock_sock in sk_destruct
|
WARNING in sk_psock_drop
bpf
net
|
|
|
|
157 |
1790d |
1799d
|
15/28 |
1767d |
58c8db929db1
net, sk_msg: Don't check if sock is locked when tearing down psock
|
general protection fault in free_verifier_state (3)
bpf
|
C |
|
|
5 |
1795d |
1802d
|
15/28 |
1767d |
f59bbfc2f609
bpf: Fix error path under memory pressure
|
KASAN: vmalloc-out-of-bounds Write in pcpu_alloc
bpf
|
C |
done |
|
31 |
1820d |
1844d
|
15/28 |
1772d |
253a496d8e57
kasan: don't assume percpu shadow allocations will succeed
|
BUG: unable to handle kernel paging request in pcpu_alloc
bpf
|
C |
done |
|
24 |
1825d |
1844d
|
15/28 |
1772d |
253a496d8e57
kasan: don't assume percpu shadow allocations will succeed
|
KASAN: slab-out-of-bounds Read in bpf_prog_create
bpf
net
|
C |
done |
|
447 |
1839d |
1921d
|
15/28 |
1809d |
0033b34a03ec
ppp: fix out-of-bounds access in bpf_prog_create()
|
KASAN: use-after-free Read in bpf_prog_kallsyms_find (2)
bpf
|
C |
done |
|
9 |
1884d |
1895d
|
13/28 |
1855d |
cd7455f1013e
bpf: Fix use after free in subprog's jited symbol removal
|
KASAN: use-after-free Read in is_bpf_text_address
bpf
|
C |
done |
|
3 |
1885d |
1886d
|
13/28 |
1855d |
cd7455f1013e
bpf: Fix use after free in subprog's jited symbol removal
|
BUG: unable to handle kernel paging request in is_bpf_text_address
bpf
|
C |
done |
|
2 |
1891d |
1891d
|
13/28 |
1855d |
cd7455f1013e
bpf: Fix use after free in subprog's jited symbol removal
|
BUG: unable to handle kernel NULL pointer dereference in xsk_poll
bpf
net
|
C |
done |
|
10 |
1891d |
1909d
|
13/28 |
1873d |
df551058f7a3
xsk: Fix crash in poll when device does not support ndo_xsk_wakeup
|
general protection fault in bpf_tcp_close (2)
bpf
|
C |
|
done |
26 |
2310d |
2354d
|
13/28 |
1887d |
e06fa9c16ce4
bpf, sockmap: fix potential use after free in bpf_tcp_close
|
general protection fault in xsk_poll
bpf
net
|
C |
done |
|
430 |
1923d |
1950d
|
13/28 |
1893d |
42fddcc7c64b
xsk: use state member for socket synchronization
|
general protection fault in xsk_map_update_elem
bpf
|
C |
done |
|
12 |
1913d |
1915d
|
13/28 |
1893d |
fcd30ae0665c
bpf/xskmap: Return ERR_PTR for failure case instead of NULL.
|
general protection fault in dev_map_hash_update_elem
bpf
net
|
C |
done |
|
4 |
1927d |
1933d
|
13/28 |
1893d |
af58e7ee6a8d
xdp: Fix race in dev_map_hash_update_elem() when replacing element
|
WARNING in __mark_chain_precision (2)
bpf
|
C |
done |
|
18 |
1922d |
1941d
|
13/28 |
1900d |
2339cd6cd0b5
bpf: fix precision tracking of stack slots
|
WARNING: suspicious RCU usage (4)
bpf
trace
|
C |
|
done |
1 |
2302d |
2301d
|
13/28 |
1904d |
865e63b04e9b
tracing: Add back in rcu_irq_enter/exit_irqson() for rcuidle tracepoints
|
WARNING: suspicious RCU usage in trace_call_bpf
bpf
trace
|
C |
|
done |
327 |
2283d |
2301d
|
13/28 |
1904d |
865e63b04e9b
tracing: Add back in rcu_irq_enter/exit_irqson() for rcuidle tracepoints
|
KASAN: use-after-free Read in psock_map_pop
bpf
|
C |
|
done |
204 |
2250d |
2294d
|
13/28 |
1904d |
5607fff30363
bpf: sockmap only allow ESTABLISHED sock state
|
KASAN: slab-out-of-bounds Read in sock_hash_ctx_update_elem
bpf
|
C |
|
done |
5 |
2335d |
2335d
|
13/28 |
1904d |
b845c898b2f1
bpf, sockmap: fix sock_hash_alloc and reject zero-sized keys
|
general protection fault in smap_list_hash_remove
bpf
|
C |
|
done |
52 |
2343d |
2361d
|
13/28 |
1904d |
99ba2b5aba24
bpf: sockhash, disallow bpf_tcp_close and update in parallel
|
WARNING in bpf_jit_free
bpf
|
C |
done |
|
21697 |
1932d |
2349d
|
12/28 |
1932d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
WARNING in bpf_prog_kallsyms_add
bpf
|
syz |
done |
done |
2 |
1975d |
2177d
|
12/28 |
1932d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
BUG: unable to handle kernel paging request in bpf_prog_kallsyms_find
bpf
|
syz |
done |
inconclusive |
3 |
2149d |
2224d
|
12/28 |
1932d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
BUG: unable to handle kernel paging request in bpf_prog_kallsyms_add
bpf
|
syz |
error |
|
234 |
1933d |
2294d
|
12/28 |
1932d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
KASAN: use-after-free Read in bpf_prog_kallsyms_del
bpf
|
syz |
done |
inconclusive |
3 |
2180d |
2259d
|
12/28 |
1932d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
KASAN: use-after-free Read in bpf_get_prog_name
bpf
|
|
|
|
1 |
1975d |
1975d
|
12/28 |
1932d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
WARNING in bpf_prog_kallsyms_find
bpf
|
C |
error |
|
5632 |
1932d |
2054d
|
12/28 |
1932d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
WARNING in is_bpf_text_address
bpf
|
C |
done |
|
104 |
1942d |
2009d
|
12/28 |
1932d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
KASAN: use-after-free Read in bpf_prog_kallsyms_add
bpf
|
syz |
error |
inconclusive |
120 |
2059d |
2294d
|
12/28 |
1932d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
BUG: unable to handle kernel paging request in __do_softirq
bpf
|
syz |
done |
done |
1 |
2012d |
2011d
|
12/28 |
1942d |
95fa145479fb
bpf: sockmap/tls, close can race with map free
|
BUG: unable to handle kernel paging request in tls_prots
net
bpf
|
syz |
done |
|
1 |
2005d |
2005d
|
12/28 |
1942d |
95fa145479fb
bpf: sockmap/tls, close can race with map free
|
possible deadlock in xsk_notifier
bpf
net
|
C |
done |
|
495 |
1981d |
1993d
|
12/28 |
1956d |
5464c3a0e9a0
xdp: fix potential deadlock on socket mutex
|
general protection fault in btf_array_resolve
bpf
|
C |
error |
|
109 |
1989d |
2012d
|
12/28 |
1964d |
e4f07120210a
bpf: fix NULL deref in btf_type_is_resolve_source_only
|
general protection fault in btf_struct_resolve
bpf
|
C |
error |
|
49 |
1989d |
2012d
|
12/28 |
1964d |
e4f07120210a
bpf: fix NULL deref in btf_type_is_resolve_source_only
|
KASAN: use-after-free Read in __dev_map_entry_free
bpf
net
|
C |
|
|
473 |
2094d |
2375d
|
12/28 |
2012d |
2baae3545327
bpf: devmap: fix use-after-free Read in __dev_map_entry_free
|
general protection fault in xsk_diag_dump
bpf
net
|
C |
|
|
5 |
2112d |
2118d
|
11/28 |
2094d |
915905f8b1d4
xsk: fix potential crash in xsk_diag_put_umem()
|
KASAN: use-after-free Read in bpf_cgroup_storage_release
bpf
|
C |
|
|
2 |
2332d |
2332d
|
11/28 |
2133d |
82c018d734a7
Merge branch 'bpf-cgroup-local-storage'
|
WARNING in __debug_object_init (3)
bpf
net
|
C |
|
|
1557 |
2245d |
2246d
|
11/28 |
2161d |
2cb494a36c98
bpf: add tests for direct packet access from CGROUP_SKB
|
KASAN: slab-out-of-bounds Write in queue_stack_map_push_elem
bpf
|
C |
|
|
30 |
2215d |
2217d
|
11/28 |
2206d |
813961de3ee6
bpf: fix integer overflow in queue_stack_map
|
WARNING in bpf_check (2)
bpf
|
C |
|
|
9 |
2228d |
2228d
|
11/28 |
2206d |
afd594240806
bpf: fix off-by-one error in adjust_subprog_starts
|
KASAN: slab-out-of-bounds Read in refcount_inc_not_zero_checked
bpf
net
|
|
|
|
2 |
2256d |
2256d
|
11/28 |
2230d |
5032d079909d
bpf: skmsg, fix psock create on existing kcm/tls port
|
BUG: sleeping function called from invalid context at net/core/dev.c:LINE
bpf
|
syz |
|
|
8 |
2257d |
2265d
|
11/28 |
2244d |
cee271678d0e
xsk: do not call synchronize_net() under RCU read lock
|
WARNING in pcpu_alloc
bpf
|
C |
|
|
4 |
2264d |
2272d
|
11/28 |
2262d |
b0584ea66d73
bpf: don't accept cgroup local storage with zero value size
|
WARNING: suspicious RCU usage in bpf_prog_array_copy_core
bpf
|
C |
|
|
22873 |
2307d |
2321d
|
8/28 |
2306d |
965931e3a803
bpf: fix a rcu usage warning in bpf_prog_array_copy_core()
|
KASAN: out-of-bounds Read in bpf_test_finish
bpf
net
|
|
|
|
9 |
2350d |
2356d
|
8/28 |
2327d |
6e6fddc78323
bpf: fix panic due to oob in bpf_prog_test_run_skb
|
WARNING: refcount bug in smap_release_sock
bpf
|
C |
|
|
55 |
2344d |
2382d
|
8/28 |
2327d |
7ebc14d507b4
bpf: sockmap, consume_skb in close path
547b3aa451ae
bpf: sockmap, error path can not release psock in multi-map case
|
KASAN: stack-out-of-bounds Read in bpf_tcp_close
bpf
|
C |
|
|
1 |
2347d |
2347d
|
8/28 |
2327d |
99ba2b5aba24
bpf: sockhash, disallow bpf_tcp_close and update in parallel
|
WARNING in bpf_check
bpf
|
|
|
|
3 |
2347d |
2354d
|
8/28 |
2327d |
c7a897843224
bpf: don't leave partial mangled prog in jit_subprogs error path
|
WARNING in do_debug (2)
bpf
|
|
|
|
1 |
2348d |
2348d
|
8/28 |
2327d |
99ba2b5aba24
bpf: sockhash, disallow bpf_tcp_close and update in parallel
|
KASAN: use-after-free Read in bpf_test_finish
bpf
net
|
C |
|
|
1211 |
2342d |
2357d
|
8/28 |
2327d |
6e6fddc78323
bpf: fix panic due to oob in bpf_prog_test_run_skb
|
WARNING in bpf_int_jit_compile
bpf
net
|
syz |
|
|
11 |
2364d |
2401d
|
8/28 |
2356d |
9facc336876f
bpf: reject any prog that failed read-only lock
|
possible deadlock in sock_hash_free
bpf
|
C |
|
|
45 |
2398d |
2398d
|
8/28 |
2356d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
|
WARNING: ODEBUG bug in sock_hash_free
bpf
|
|
|
|
1 |
2370d |
2370d
|
8/28 |
2356d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
|
KASAN: slab-out-of-bounds Read in bpf_csum_update
bpf
net
|
C |
|
|
2 |
2394d |
2392d
|
8/28 |
2356d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
INFO: rcu detected stall in is_bpf_text_address
bpf
|
C |
|
|
1 |
2407d |
2407d
|
8/28 |
2356d |
1d88ba1ebb27
sctp: not allow transport timeout value less than HZ/5 for hb_timer
|
KASAN: use-after-free Read in bpf_skb_change_proto
bpf
net
|
|
|
|
1 |
2386d |
2385d
|
8/28 |
2356d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
WARNING in bpf_prog_select_runtime
bpf
|
syz |
|
|
45 |
2380d |
2382d
|
8/28 |
2356d |
9facc336876f
bpf: reject any prog that failed read-only lock
|
KASAN: slab-out-of-bounds Read in bpf_skb_vlan_push
bpf
net
|
syz |
|
|
2 |
2382d |
2382d
|
8/28 |
2356d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
KASAN: use-after-free Read in skb_ensure_writable
bpf
net
|
C |
|
|
4 |
2385d |
2392d
|
8/28 |
2356d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
KASAN: use-after-free Read in bpf_tcp_close
bpf
|
C |
|
|
1748 |
2362d |
2401d
|
8/28 |
2356d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
|
BUG: unable to handle kernel paging request in bpf_prog_select_runtime
bpf
|
|
|
|
1 |
2372d |
2372d
|
8/28 |
2356d |
85782e037f8a
bpf: undo prog rejection on read-only lock failure
|
WARNING: kmalloc bug in xdp_umem_create
bpf
net
|
C |
|
|
7 |
2380d |
2386d
|
8/28 |
2356d |
a343993c518c
xsk: silence warning on memory allocation failure
|
KASAN: slab-out-of-bounds Read in bpf_skb_change_proto
bpf
net
|
C |
|
|
2 |
2386d |
2385d
|
8/28 |
2356d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
KASAN: slab-out-of-bounds Read in skb_ensure_writable
bpf
net
|
C |
|
|
9 |
2383d |
2392d
|
8/28 |
2356d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
KASAN: use-after-free Read in bpf_csum_update
bpf
net
|
C |
|
|
1 |
2394d |
2392d
|
8/28 |
2356d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
BUG: unable to handle kernel paging request in bpf_int_jit_compile
bpf
net
|
syz |
|
|
2 |
2368d |
2372d
|
8/28 |
2356d |
85782e037f8a
bpf: undo prog rejection on read-only lock failure
|
KASAN: use-after-free Write in bpf_tcp_close
bpf
|
C |
|
|
67 |
2363d |
2399d
|
8/28 |
2356d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
|
general protection fault in bpf_tcp_close
bpf
|
C |
|
|
421 |
2357d |
2401d
|
8/28 |
2356d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
54fedb42c653
bpf: sockmap, fix smap_list_map_remove when psock is in many maps
|
KASAN: slab-out-of-bounds Read in bpf_skb_change_head
bpf
net
|
C |
|
|
2 |
2382d |
2382d
|
8/28 |
2356d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
WARNING: kmalloc bug in map_get_next_key
bpf
|
C |
|
|
5 |
2410d |
2410d
|
8/28 |
2356d |
683d2ac3904c
bpf: fix sock hashmap kmalloc warning
|
KASAN: null-ptr-deref Write in xdp_umem_unaccount_pages
bpf
net
|
C |
|
|
25 |
2385d |
2388d
|
8/28 |
2356d |
c09290c56376
bpf, xdp: fix crash in xdp_umem_unaccount_pages
|
WARNING: kmalloc bug in memdup_user (3)
bpf
|
C |
|
|
137 |
2410d |
2410d
|
8/28 |
2356d |
683d2ac3904c
bpf: fix sock hashmap kmalloc warning
|
possible deadlock in bpf_tcp_close
bpf
|
C |
|
|
152 |
2398d |
2398d
|
8/28 |
2356d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
|
possible deadlock in perf_event_detach_bpf_prog
bpf
trace
|
|
|
|
1 |
2459d |
2458d
|
5/28 |
2418d |
3a38bb98d9ab
bpf/tracing: fix a deadlock in perf_event_detach_bpf_prog
|
general protection fault in SyS_bpf (2)
bpf
|
C |
|
|
1065 |
2489d |
2503d
|
4/28 |
2489d |
952fad8e3239
bpf: fix sock_map_alloc() error path
|
WARNING in kvmalloc_node
bpf
net
|
C |
|
|
513 |
2496d |
2502d
|
4/28 |
2489d |
7fc17e909edf
bpf: cpumap: use GFP_KERNEL instead of GFP_ATOMIC in __cpu_map_entry_alloc()
|
WARNING: kmalloc bug in bpf_prog_array_copy_info
bpf
|
C |
|
|
4424 |
2489d |
2502d
|
4/28 |
2489d |
9c481b908b01
bpf: fix bpf_prog_array_copy_to_user warning from perf event prog query
|
WARNING: kmalloc bug in cpu_map_update_elem
bpf
net
|
C |
|
|
2677 |
2489d |
2501d
|
4/28 |
2489d |
7fc17e909edf
bpf: cpumap: use GFP_KERNEL instead of GFP_ATOMIC in __cpu_map_entry_alloc()
|
general protection fault in ___bpf_prog_run
bpf
|
C |
|
|
8 |
2509d |
2516d
|
4/28 |
2503d |
65073a67331d
bpf: fix null pointer deref in bpf_prog_test_run_xdp
|
general protection fault in trie_get_next_key
bpf
|
C |
|
|
3 |
2521d |
2521d
|
4/28 |
2514d |
6dd1ec6c7a2c
bpf: fix kernel page fault in lpm map trie_get_next_key
|
BUG: unable to handle kernel paging request in check_memory_region
bpf
|
C |
|
|
10 |
2531d |
2534d
|
4/28 |
2515d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
KASAN: use-after-free Read in __bpf_prog_put
bpf
|
|
|
|
1 |
2536d |
2536d
|
4/28 |
2515d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
KASAN: use-after-free Read in map_lookup_elem
bpf
|
C |
|
|
6 |
2530d |
2534d
|
4/28 |
2515d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
WARNING in xdp_rxq_info_unreg
bpf
net
|
C |
|
|
198 |
2524d |
2524d
|
4/28 |
2515d |
c13da21cdb80
tun: avoid calling xdp_rxq_info_unreg() twice
|
suspicious RCU usage at ./include/linux/rcupdate.h:LINE (3)
bpf
|
C |
|
|
5087 |
2516d |
2524d
|
4/28 |
2515d |
2310035fa03f
bpf: fix incorrect kmalloc usage in lpm_trie MAP_GET_NEXT_KEY rcu region
|
general protection fault in free_verifier_state (2)
bpf
|
C |
|
|
2 |
2539d |
2539d
|
4/28 |
2515d |
5896351ea936
bpf: fix verifier GPF in kmalloc failure path
|
suspicious RCU usage at mm/slab.h:LINE
bpf
|
|
|
|
1 |
2524d |
2524d
|
4/28 |
2515d |
2310035fa03f
bpf: fix incorrect kmalloc usage in lpm_trie MAP_GET_NEXT_KEY rcu region
|
general protection fault in copy_verifier_state
bpf
|
C |
|
|
2 |
2548d |
2544d
|
4/28 |
2515d |
5896351ea936
bpf: fix verifier GPF in kmalloc failure path
|
BUG: sleeping function called from invalid context at mm/slab.h:LINE (2)
bpf
|
|
|
|
2 |
2523d |
2523d
|
4/28 |
2515d |
2310035fa03f
bpf: fix incorrect kmalloc usage in lpm_trie MAP_GET_NEXT_KEY rcu region
|
KASAN: slab-out-of-bounds Read in map_lookup_elem
bpf
|
C |
|
|
6 |
2531d |
2534d
|
4/28 |
2523d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
general protection fault in __bpf_prog_put
bpf
|
C |
|
|
212 |
2530d |
2536d
|
4/28 |
2524d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
KASAN: slab-out-of-bounds Read in bpf_fd_array_map_lookup_elem
bpf
|
|
|
|
7 |
2531d |
2535d
|
4/28 |
2524d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
BUG: unable to handle kernel paging request in fd_array_map_delete_elem
bpf
|
|
|
|
11 |
2530d |
2536d
|
4/28 |
2524d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
BUG: unable to handle kernel paging request in __bpf_map_put
bpf
|
|
|
|
1 |
2534d |
2533d
|
4/28 |
2524d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
WARNING in adjust_ptr_min_max_vals
bpf
|
C |
|
|
252 |
2527d |
2544d
|
4/28 |
2524d |
6f16101e6a8b
bpf: mark dst unknown on inconsistent {s, u}bounds adjustments
|
general protection fault in cgroup_fd_array_put_ptr
bpf
|
C |
|
|
219 |
2530d |
2536d
|
4/28 |
2524d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
WARNING in ___bpf_prog_run
bpf
|
C |
|
|
28 |
2530d |
2536d
|
4/28 |
2524d |
7891a87efc71
bpf: arsh is not supported in 32 bit alu thus reject it
|
BUG: unable to handle kernel paging request in bpf_fd_array_map_lookup_elem
bpf
|
|
|
|
5 |
2530d |
2534d
|
4/28 |
2524d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
KASAN: slab-out-of-bounds Read in perf_event_fd_array_release
bpf
|
C |
|
|
96 |
2530d |
2536d
|
4/28 |
2524d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
KASAN: use-after-free Write in array_map_update_elem
bpf
|
C |
|
|
11 |
2530d |
2531d
|
4/28 |
2524d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
general protection fault in __bpf_map_put
bpf
|
C |
|
|
331 |
2530d |
2536d
|
4/28 |
2524d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
KASAN: use-after-free Read in bpf_fd_array_map_lookup_elem
bpf
|
|
|
|
21 |
2530d |
2536d
|
4/28 |
2524d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
divide error in ___bpf_prog_run
bpf
|
C |
|
|
28 |
2527d |
2534d
|
4/28 |
2524d |
68fda450a7df
bpf: fix 32-bit divide by zero
|
KASAN: slab-out-of-bounds Write in array_map_update_elem
bpf
|
C |
|
|
6 |
2532d |
2531d
|
4/28 |
2524d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
general protection fault in free_verifier_state
bpf
|
C |
|
|
2 |
2557d |
2557d
|
3/28 |
2551d |
8c01c4f896aa
bpf: fix verifier NULL pointer dereference
|
general protection fault in bpf_check
bpf
|
|
|
|
3 |
2601d |
2606d
|
3/28 |
2580d |
8c01c4f896aa
bpf: fix verifier NULL pointer dereference
|