|
KASAN: slab-use-after-free Read in bpf_trace_run2 (2)
bpf
trace
|
syz |
error |
|
123 |
166d |
183d
|
27/28 |
never |
2e8a12b82c40
tracing: Fix syscall tracepoint use-after-free
|
|
KMSAN: uninit-value in ___bpf_prog_run (4)
bpf
|
C |
|
|
322 |
66d |
480d
|
25/28 |
never |
4c2d14c40a68
ppp: Fix KMSAN uninit-value warning with bpf
|
|
possible deadlock in xsk_diag_dump
net
bpf
|
|
|
|
4 |
5d07h |
11d
|
20/28 |
never |
f0433eea4688
net: don't mix device locking in dev_close_many() calls
|
|
KASAN: vmalloc-out-of-bounds Write in push_insn_history
bpf
|
|
|
|
136 |
132d |
145d
|
27/28 |
never |
d699440f58ce
mm: fix vrealloc()'s KASAN poisoning logic
|
|
KASAN: vmalloc-out-of-bounds Write in vrealloc_noprof
bpf
|
C |
done |
|
385 |
5m |
146d
|
27/28 |
never |
d699440f58ce
mm: fix vrealloc()'s KASAN poisoning logic
|
|
WARNING in vmap_pages_range_noflush (2)
net
bpf
|
C |
error |
|
250 |
970d |
972d
|
1/28 |
never |
mm/gup.c: Fix return value for __gup_longterm_locked()
|
|
possible deadlock in lock_timer_base
bpf
trace
|
C |
|
|
142 |
94d |
1567d
|
1/28 |
never |
kfence: fix potential deadlock due to wake_up()
|
|
KASAN: slab-out-of-bounds Read in atomic_ptr_type_ok
bpf
|
C |
done |
|
4 |
41d |
37d
|
25/28 |
never |
9aa8fe29f624
Merge branch 'bpf-fix-oob-read-and-add-tests-for-load-acquire-store-release'
c03bb2fa327e
bpf: Fix out-of-bounds read in check_atomic_load/store()
|
|
general protection fault in bpf_prog_array_delete_safe
bpf
|
C |
done |
|
5 |
132d |
134d
|
27/28 |
never |
978c4486cca5
bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog
|
|
possible deadlock in __queue_map_get
bpf
|
C |
error |
|
180 |
13d |
371d
|
23/28 |
never |
2f41503d6476
bpf: Convert queue_stack map to rqspinlock
|
|
possible deadlock in queue_stack_map_push_elem
bpf
|
C |
error |
|
78 |
14d |
367d
|
23/28 |
never |
2f41503d6476
bpf: Convert queue_stack map to rqspinlock
|
|
possible deadlock in __bpf_ringbuf_reserve
bpf
|
C |
error |
|
2483 |
4h08m |
403d
|
22/28 |
never |
a650d38915c1
bpf: Convert ringbuf map to rqspinlock
|
|
UBSAN: array-index-out-of-bounds in bpf_prog_select_runtime
bpf
|
C |
done |
|
1160 |
20d |
401d
|
25/28 |
never |
6ebc5030e0c5
bpf: Fix array bounds error with may_goto
|
|
WARNING: locking bug in __lock_task_sighand
bpf
trace
|
C |
unreliable |
|
89 |
86d |
142d
|
27/28 |
never |
87c544108b61
bpf: Send signals asynchronously if !preemptible
|
|
WARNING in dev_xdp_install
bpf
|
C |
|
|
245 |
15d |
22d
|
24/28 |
never |
d996e412b2df
bpf: add missing ops lock around dev_xdp_attach_link
|
|
possible deadlock in bpf_map_mmap
bpf
|
|
|
|
1 |
94d |
89d
|
25/28 |
never |
bc27c52eea18
bpf: avoid holding freeze_mutex during mmap operation
|
|
general protection fault in bpf_map_offload_map_alloc
bpf
|
|
|
|
494 |
42d |
43d
|
25/28 |
never |
0a5c8b2c8ccb
bpf: fix a possible NULL deref in bpf_map_offload_map_alloc()
|
|
BUG: using smp_processor_id() in preemptible code in bpf_mem_alloc
bpf
|
C |
done |
|
12 |
155d |
152d
|
28/28 |
123d |
4ff04abf9d5b
bpf: Add necessary migrate_disable to range_tree.
|
|
WARNING in push_jmp_history
bpf
|
C |
done |
|
5 |
194d |
194d
|
28/28 |
156d |
aa30eb3260b2
bpf: Force checkpoint when jmp history is too long
|
|
general protection fault in dev_map_enqueue (2)
bpf
net
|
C |
error |
done |
336 |
262d |
328d
|
28/28 |
158d |
09d88791c7cd
bpf: Make sure internal and UAPI bpf_redirect flags don't overlap
|
|
WARNING in sock_map_close (2)
bpf
net
|
C |
done |
|
3 |
240d |
240d
|
28/28 |
179d |
1461f5a3d810
l2tp: avoid overriding sk->sk_user_data
|
|
BUG: unable to handle kernel paging request in bpf_prog_ADDR (3)
bpf
net
|
C |
done |
|
6 |
280d |
280d
|
28/28 |
179d |
92de36080c93
bpf: Fail verification for sign-extension of packet data/data_end/data_meta
|
|
KASAN: slab-use-after-free Read in htab_map_alloc (2)
bpf
|
|
|
|
224 |
344d |
350d
|
27/28 |
219d |
86735b57c905
net/sched: unregister lockdep keys in qdisc_create/qdisc_alloc error path
|
|
KASAN: stack-out-of-bounds Read in xdp_do_check_flushed
bpf
net
|
C |
done |
|
127 |
260d |
281d
|
27/28 |
240d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
|
general protection fault in __dev_flush
net
bpf
|
C |
|
|
35 |
261d |
275d
|
27/28 |
240d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
|
general protection fault in bq_flush_to_queue
bpf
net
|
|
|
|
22 |
261d |
270d
|
27/28 |
240d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
|
KASAN: slab-use-after-free Read in bq_xmit_all
bpf
net
|
C |
done |
|
29 |
261d |
274d
|
27/28 |
240d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
|
general protection fault in __xsk_map_flush
bpf
net
|
C |
done |
|
26 |
261d |
278d
|
27/28 |
240d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
|
general protection fault in __cpu_map_flush
bpf
net
|
C |
inconclusive |
|
25 |
261d |
275d
|
27/28 |
240d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
|
general protection fault in xdp_do_generic_redirect
net
bpf
|
|
|
|
8 |
284d |
288d
|
27/28 |
249d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
|
general protection fault in dev_map_redirect
bpf
net
|
C |
|
|
362 |
284d |
292d
|
27/28 |
249d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
|
stack segment fault in dev_hash_map_redirect
bpf
net
|
C |
done |
|
29 |
284d |
292d
|
27/28 |
249d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
|
general protection fault in xdp_do_redirect
bpf
net
|
|
|
|
15 |
285d |
292d
|
27/28 |
249d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
|
stack segment fault in bpf_xdp_redirect
bpf
net
|
C |
|
|
181 |
284d |
292d
|
27/28 |
249d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
|
stack segment fault in cpu_map_redirect
net
bpf
|
C |
done |
|
11 |
285d |
284d
|
27/28 |
249d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
|
WARNING in bpf_lwt_seg6_adjust_srh
bpf
net
|
C |
done |
|
30 |
284d |
298d
|
27/28 |
249d |
c13fda93aca1
bpf: Remove tst_run from lwt_seg6local_prog_ops.
|
|
possible deadlock in console_flush_all (2)
trace
bpf
|
C |
error |
|
52996 |
284d |
559d
|
26/28 |
284d |
ae01e52da244
serial: drop debugging WARN_ON_ONCE() from uart_write()
|
|
WARNING in skb_ensure_writable
bpf
net
|
C |
done |
|
2893 |
285d |
362d
|
26/28 |
284d |
2bbe3e5a2f4e
bpf: Avoid splat in pskb_pull_reason
|
|
INFO: task hung in bpf_prog_dev_bound_destroy
bpf
|
|
|
|
94 |
303d |
315d
|
26/28 |
284d |
d864319871b0
net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
|
|
possible deadlock in __sock_map_delete
bpf
net
|
C |
|
|
14 |
326d |
370d
|
26/28 |
292d |
98e948fb60d4
bpf: Allow delete from sockmap/sockhash only if update is allowed
|
|
general protection fault in bpf_get_attach_cookie_tracing
bpf
trace
|
C |
error |
|
7 |
318d |
349d
|
26/28 |
305d |
d0d1df8ba18a
bpf: Set run context for rawtp test_run callback
|
|
KASAN: slab-use-after-free Read in bpf_link_free (2)
bpf
|
syz |
|
|
52 |
315d |
327d
|
26/28 |
305d |
2884dc7d08d9
bpf: Fix a potential use-after-free in bpf_link_free()
|
|
WARNING in sock_map_close
bpf
net
|
C |
error |
|
182 |
313d |
376d
|
25/28 |
313d |
4b4647add7d3
sock_map: avoid race between sock_map_close and sk_psock_put
|
|
possible deadlock in sock_hash_delete_elem (2)
bpf
net
|
C |
|
|
1127 |
313d |
396d
|
25/28 |
313d |
98e948fb60d4
bpf: Allow delete from sockmap/sockhash only if update is allowed
|
|
KMSAN: uninit-value in __bpf_strtoull
bpf
|
C |
|
|
119 |
319d |
396d
|
25/28 |
318d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
|
KMSAN: uninit-value in trie_delete_elem
bpf
|
C |
|
|
52 |
319d |
389d
|
25/28 |
318d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
|
KMSAN: uninit-value in dev_map_lookup_elem
bpf
net
|
C |
|
|
3 |
384d |
390d
|
25/28 |
318d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
|
KMSAN: uninit-value in trie_lookup_elem
bpf
|
C |
|
|
12 |
376d |
394d
|
25/28 |
318d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
|
possible deadlock in kvfree_call_rcu
bpf
|
C |
|
|
1431 |
320d |
389d
|
25/28 |
318d |
59f2f841179a
bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie.
|
|
BUG: unable to handle kernel paging request in bpf_prog_ADDR (2)
bpf
|
C |
|
|
3 |
362d |
376d
|
25/28 |
318d |
543576ec15b1
bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE
|
|
KMSAN: uninit-value in array_map_lookup_elem
bpf
|
C |
|
|
10 |
373d |
393d
|
25/28 |
318d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
|
KMSAN: uninit-value in sock_map_delete_elem
bpf
net
|
C |
|
|
44 |
320d |
390d
|
25/28 |
318d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
|
WARNING in __mark_chain_precision (4)
bpf
|
C |
|
|
8 |
363d |
383d
|
25/28 |
318d |
1f2a74b41ea8
bpf: prevent r10 register from being marked as precise
|
|
KASAN: stack-out-of-bounds Read in hash
bpf
|
C |
done |
|
5 |
371d |
378d
|
25/28 |
332d |
a8d89feba7e5
bpf: Check bloom filter map value size
|
|
possible deadlock in force_sig_info_to_task
bpf
trace
|
C |
error |
|
6 |
352d |
359d
|
25/28 |
332d |
02b670c1f88e
x86/mm: Remove broken vsyscall emulation code from the page fault code
|
|
KCSAN: data-race in sk_psock_drop / sk_psock_skb_ingress_enqueue
bpf
net
|
|
|
|
1 |
400d |
393d
|
25/28 |
332d |
6648e613226e
bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue
|
|
possible deadlock in tty_port_tty_get (2)
bpf
net
|
|
|
|
3 |
375d |
393d
|
25/28 |
332d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
|
possible deadlock in put_pwq_unlocked
trace
bpf
|
|
|
|
3 |
369d |
369d
|
25/28 |
332d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
|
WARNING in sock_map_delete_elem
bpf
net
|
C |
|
|
17183 |
358d |
397d
|
25/28 |
332d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
|
possible deadlock in scheduler_tick (3)
bpf
net
|
C |
|
|
1179 |
359d |
395d
|
25/28 |
332d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
|
possible deadlock in pit_timer_fn
bpf
net
|
|
|
|
7 |
369d |
381d
|
25/28 |
332d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
|
possible deadlock in rcu_exp_handler
bpf
net
|
C |
|
|
1 |
372d |
368d
|
25/28 |
332d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
|
possible deadlock in rcu_report_exp_cpu_mult
net
bpf
|
C |
done |
|
30 |
359d |
397d
|
25/28 |
332d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
|
possible deadlock in try_to_wake_up (4)
bpf
net
|
C |
error |
|
19 |
334d |
397d
|
25/28 |
332d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
|
possible deadlock in ahci_single_level_irq_intr
bpf
net
|
C |
|
|
10 |
380d |
388d
|
25/28 |
332d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
|
WARNING in sock_map_unref
bpf
net
|
C |
error |
|
97 |
359d |
373d
|
25/28 |
332d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
|
possible deadlock in __lock_task_sighand (2)
bpf
net
|
C |
|
|
1476 |
333d |
397d
|
25/28 |
332d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
|
WARNING in sock_hash_delete_elem
bpf
net
|
C |
done |
|
16982 |
358d |
397d
|
25/28 |
332d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
|
possible deadlock in hrtimer_run_queues
net
bpf
|
C |
error |
|
592 |
359d |
396d
|
25/28 |
332d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
|
possible deadlock in swake_up_one
bpf
net
|
C |
|
|
4 |
370d |
369d
|
25/28 |
332d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
|
possible deadlock in pwq_dec_nr_in_flight
trace
bpf
|
|
|
|
1 |
374d |
370d
|
25/28 |
332d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
|
WARNING in _prb_commit
net
bpf
|
|
|
|
4 |
369d |
365d
|
25/28 |
332d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
|
possible deadlock in posix_timer_fn (2)
net
bpf
|
|
|
|
1 |
373d |
369d
|
25/28 |
332d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
|
possible deadlock in drm_handle_vblank
bpf
net
|
|
|
|
30 |
370d |
395d
|
25/28 |
332d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
|
KASAN: slab-out-of-bounds Read in xsk_setsockopt
bpf
net
|
C |
|
|
17 |
371d |
380d
|
25/28 |
332d |
237f3cf13b20
xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING
|
|
UBSAN: array-index-out-of-bounds in check_stack_range_initialized
bpf
|
C |
error |
|
21 |
363d |
396d
|
25/28 |
332d |
ecc6a2101840
bpf: Protect against int overflow for stack access size
|
|
general protection fault in dev_map_enqueue
bpf
net
|
C |
|
|
676 |
332d |
389d
|
25/28 |
332d |
5bcf0dcbf906
xdp: use flags field to disambiguate broadcast redirect
|
|
KASAN: slab-use-after-free Read in bpf_link_free
bpf
|
syz |
|
|
181 |
332d |
380d
|
25/28 |
332d |
1a80dbcb2dba
bpf: support deferring bpf_link dealloc to after RCU grace period
|
|
KASAN: slab-use-after-free Read in bpf_trace_run4
bpf
trace
|
C |
error |
|
169 |
376d |
394d
|
25/28 |
332d |
1a80dbcb2dba
bpf: support deferring bpf_link dealloc to after RCU grace period
|
|
KASAN: slab-use-after-free Read in bpf_trace_run2
bpf
trace
|
C |
error |
|
653 |
376d |
394d
|
25/28 |
332d |
1a80dbcb2dba
bpf: support deferring bpf_link dealloc to after RCU grace period
|
|
KASAN: slab-use-after-free Read in bpf_trace_run1
bpf
trace
|
C |
error |
|
78 |
376d |
391d
|
25/28 |
332d |
1a80dbcb2dba
bpf: support deferring bpf_link dealloc to after RCU grace period
|
|
linux-next boot error: WARNING in register_btf_kfunc_id_set
bpf
|
|
|
|
9 |
442d |
443d
|
25/28 |
374d |
a05e90427ef6
bpf: btf: Add BTF_KFUNCS_START/END macro pair
|
|
general protection fault in bpf_struct_ops_find_value
bpf
|
C |
done |
|
9 |
447d |
450d
|
25/28 |
375d |
e6be8cd5d3cf
bpf: Fix error checks against bpf_get_btf_vmlinux().
|
|
BUG: unable to handle kernel NULL pointer dereference in dev_map_hash_update_elem
bpf
net
|
C |
|
|
2 |
419d |
426d
|
25/28 |
375d |
281d464a34f5
bpf: Fix DEVMAP_HASH overflow check on 32-bit arches
|
|
general protection fault in btf_is_module
bpf
|
C |
error |
|
318 |
447d |
450d
|
25/28 |
375d |
e6be8cd5d3cf
bpf: Fix error checks against bpf_get_btf_vmlinux().
|
|
BUG: unable to handle kernel NULL pointer dereference in unix_stream_sendmsg
bpf
net
|
C |
|
|
1 |
418d |
418d
|
25/28 |
382d |
4cd12c6065df
bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready()
|
|
BUG: unable to handle kernel NULL pointer dereference in sk_psock_verdict_data_ready
net
bpf
|
C |
unreliable |
|
15 |
413d |
533d
|
25/28 |
382d |
4cd12c6065df
bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready()
|
|
WARNING in __mark_chain_precision (3)
bpf
|
C |
done |
|
19 |
475d |
496d
|
25/28 |
444d |
482d548d40b0
bpf: handle fake register spill to stack with BPF_ST_MEM instruction
|
|
KASAN: slab-use-after-free Read in nla_find
bpf
net
|
C |
done |
|
4 |
489d |
488d
|
25/28 |
445d |
2130c519a401
bpf: Use nla_ok() instead of checking nla_len directly
|
|
WARNING: locking bug in corrupted (2)
bpf
reiserfs
|
C |
done |
done |
1 |
495d |
649d
|
25/28 |
445d |
6f861765464f
fs: Block writes to mounted block devices
|
|
WARNING in __sk_msg_free
bpf
net
|
C |
done |
|
4 |
471d |
470d
|
25/28 |
445d |
dc9dfc8dc629
net: tls, fix WARNIING in __sk_msg_free
|
|
kernel BUG in prog_array_map_poke_run
bpf
|
C |
done |
done |
35 |
488d |
529d
|
25/28 |
453d |
4b7de801606e
bpf: Fix prog_array_map_poke_run map poke update
|
|
KASAN: null-ptr-deref Write in unix_stream_bpf_update_proto
bpf
net
|
C |
done |
|
54 |
476d |
506d
|
25/28 |
455d |
8d6650646ce4
bpf: syzkaller found null ptr deref in unix_bpf proto add
|
|
WARNING in bpf_mprog_pos_after
bpf
|
|
|
|
3 |
571d |
579d
|
25/28 |
486d |
f9b0e1088bbf
bpf, mprog: Fix maximum program check on mprog attachment
|
|
WARNING: zero-size vmalloc in xskq_create
bpf
net
|
|
|
|
20 |
555d |
563d
|
25/28 |
486d |
a12bbb3cccf0
xdp: Fix zero-size allocation warning in xskq_create()
|
|
WARNING: zero-size vmalloc in print_tainted
bpf
net
|
C |
|
|
79 |
678d |
712d
|
25/28 |
486d |
a12bbb3cccf0
xdp: Fix zero-size allocation warning in xskq_create()
|
|
WARNING in bpf_mprog_attach
bpf
|
C |
|
|
3 |
563d |
571d
|
25/28 |
486d |
f9b0e1088bbf
bpf, mprog: Fix maximum program check on mprog attachment
|
|
WARNING in bpf_mprog_pos_before
bpf
|
C |
done |
|
26 |
563d |
571d
|
25/28 |
486d |
f9b0e1088bbf
bpf, mprog: Fix maximum program check on mprog attachment
|
|
general protection fault in bpf_prog_offload_verifier_prep
bpf
|
C |
done |
|
31 |
575d |
594d
|
25/28 |
486d |
1a49f4195d34
bpf: Avoid dummy bpf_offload_netdev in __bpf_prog_dev_bound_init
|
|
WARNING: refcount bug in xp_put_pool
bpf
net
|
C |
done |
|
2 |
630d |
628d
|
23/28 |
555d |
85c2c79a0730
xsk: fix refcount underflow in error path
|
|
KASAN: slab-use-after-free Read in xsk_diag_dump
net
bpf
|
C |
done |
|
9 |
590d |
599d
|
23/28 |
555d |
3e019d8a05a3
xsk: Fix xsk_diag use-after-free error during socket cleanup
|
|
UBSAN: array-index-out-of-bounds in bpf_mprog_detach
bpf
|
|
|
|
3 |
624d |
630d
|
23/28 |
555d |
d210f9735e13
bpf: Fix mprog detachment for empty mprog entry
|
|
KCSAN: data-race in bpf_percpu_array_update / bpf_percpu_array_update (2)
bpf
|
|
|
|
1 |
600d |
599d
|
23/28 |
555d |
6a86b5b5cd76
bpf: Annotate bpf_long_memcpy with data_race
|
|
WARNING in tcx_uninstall
bpf
net
|
C |
done |
|
7 |
629d |
634d
|
23/28 |
555d |
079082c60aff
tcx: Fix splat during dev unregister
|
|
WARNING in bpf_xdp_adjust_tail (4)
bpf
|
C |
error |
|
466 |
621d |
831d
|
23/28 |
555d |
d14eea09edf4
net: core: remove unnecessary frame_sz check in bpf_xdp_adjust_tail()
|
|
KMSAN: uninit-value in ieee802154_subif_start_xmit
bpf
|
C |
done |
|
119 |
626d |
622d
|
23/28 |
555d |
db2baf82b098
bpf: Fix an incorrect verification success with movsx insn
|
|
WARNING: ODEBUG bug in tcx_uninstall
net
bpf
|
C |
done |
|
38 |
635d |
639d
|
23/28 |
555d |
dc644b540a2d
tcx: Fix splat in ingress_destroy upon tcx_entry_free
|
|
INFO: rcu detected stall in ext4_file_write_iter (7)
mm
bpf
ext4
|
|
|
|
3 |
597d |
639d
|
23/28 |
555d |
8c21ab1bae94
net/sched: fq_pie: avoid stalls in fq_pie_timer()
|
|
UBSAN: array-index-out-of-bounds in print_bpf_insn
bpf
|
C |
done |
|
9 |
627d |
628d
|
23/28 |
555d |
e99688eba2e9
bpf: Fix an array-index-out-of-bounds issue in disasm.c
|
|
KCSAN: data-race in __bpf_lru_list_rotate / __htab_lru_percpu_map_update_elem (5)
bpf
|
|
|
|
13 |
664d |
725d
|
23/28 |
569d |
ee9fd0ac3017
bpf: Address KCSAN report on bpf_lru_list
|
|
WARNING in btf_type_id_size (2)
bpf
|
C |
error |
|
8 |
665d |
696d
|
23/28 |
569d |
e6c2f594ed96
bpf: Silence a warning in btf_type_id_size()
|
|
WARNING: bad unlock balance in bpf
bpf
|
C |
done |
|
12 |
694d |
694d
|
23/28 |
569d |
4266f41feaee
bpf: Fix bad unlock balance on freeze_mutex
|
|
WARNING in bpf_verifier_vlog
bpf
|
C |
inconclusive |
|
6 |
717d |
953d
|
23/28 |
569d |
cff36398bd4c
bpf: drop unnecessary user-triggerable WARN_ONCE in verifierl log
|
|
BUG: unable to handle kernel NULL pointer dereference in __build_skb_around
net
bpf
|
C |
done |
|
29 |
761d |
766d
|
22/28 |
681d |
e5995bc7e2ba
bpf, test_run: fix crashes due to XDP frame overwriting/corruption
|
|
KASAN: slab-out-of-bounds Write in copy_array (2)
bpf
|
|
|
|
108 |
681d |
710d
|
22/28 |
681d |
45435d8da71f
bpf: Always use maximal size for copy_array()
|
|
riscv/fixes boot error: WARNING in __apply_to_page_range (2)
bpf
|
|
|
|
5 |
789d |
850d
|
22/28 |
681d |
96f9d4daf745
riscv: Rework kasan population functions
|
|
general protection fault in bpf_struct_ops_link_create
bpf
net
|
C |
done |
|
17 |
755d |
757d
|
22/28 |
681d |
55fbae05476d
bpf: Check IS_ERR for the bpf_map_get() return value
|
|
WARNING in sock_map_del_link
bpf
net
|
|
|
|
91 |
737d |
737d
|
22/28 |
681d |
8c5c2a4898e3
bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap
|
|
KASAN: slab-out-of-bounds Write in copy_verifier_state
bpf
|
C |
error |
done |
825 |
835d |
852d
|
22/28 |
681d |
45435d8da71f
bpf: Always use maximal size for copy_array()
|
|
BUG: stack guard page was hit in inet6_release
bpf
net
|
C |
done |
|
4 |
816d |
865d
|
22/28 |
681d |
ddce1e091757
bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener
|
|
possible deadlock in bpf_trace_printk
bpf
trace
|
C |
done |
done |
68 |
790d |
1045d
|
22/28 |
758d |
05b24ff9b2cf
bpf: Prevent bpf program recursion for raw tracepoint probes
|
|
KASAN: vmalloc-out-of-bounds Read in bpf_jit_free
bpf
|
C |
|
|
68 |
984d |
1160d
|
22/28 |
785d |
1d5f82d9dd47
bpf, x86: fix freeing of not-finalized bpf_prog_pack
d24d2a2b0a81
bpf: bpf_prog_pack: Set proper size before freeing ro_header
|
|
WARNING: kmalloc bug in xdp_umem_create (2)
bpf
net
|
C |
done |
|
21 |
1164d |
1230d
|
22/28 |
785d |
0708a0afe291
mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls
|
|
BUG: sleeping function called from invalid context in sk_psock_skb_ingress_self
net
bpf
|
C |
done |
|
151 |
895d |
917d
|
22/28 |
785d |
2d1f274b95c6
skmsg: pass gfp argument to alloc_sk_msg()
|
|
WARNING in bpf_skb_load_helper_16_no_cache
bpf
|
C |
done |
|
6 |
992d |
1022d
|
22/28 |
785d |
0326195f523a
bpf: Make sure mac_header was set before using it
|
|
KASAN: vmalloc-out-of-bounds Write in ringbuf_map_alloc
bpf
|
C |
done |
|
541 |
1170d |
1173d
|
22/28 |
785d |
b293dcc473d2
bpf: Use VM_MAP instead of VM_ALLOC for ringbuf
|
|
bpf-next boot error: WARNING in bpf_prog_pack_free
bpf
|
|
|
|
12 |
1124d |
1125d
|
22/28 |
785d |
96805674e562
bpf: Fix bpf_prog_pack for multi-node setup
|
|
KASAN: slab-out-of-bounds Write in bpf_prog_test_run_xdp
bpf
net
|
C |
done |
|
18 |
1161d |
1178d
|
22/28 |
785d |
a6763080856f
bpf: test_run: Fix OOB access in bpf_prog_test_run_xdp
|
|
general protection fault in do_check_common
bpf
|
C |
done |
|
5 |
1018d |
1021d
|
22/28 |
785d |
d1a6edecc1fd
bpf: Check attach_func_proto more carefully in check_return_code
|
|
WARNING in bpf_test_finish
net
bpf
|
C |
done |
|
3 |
1147d |
1147d
|
22/28 |
785d |
530e214c5b5a
bpf, test_run: Fix overflow in XDP frags bpf_test_finish
|
|
KMSAN: uninit-value in ___bpf_prog_run (3)
bpf
|
C |
|
|
5 |
1099d |
1101d
|
22/28 |
785d |
99c07327ae11
netlink: reset network and mac headers in netlink_dump()
|
|
general protection fault in check_helper_call
bpf
|
C |
done |
|
4 |
1004d |
1009d
|
22/28 |
785d |
d1a6edecc1fd
bpf: Check attach_func_proto more carefully in check_return_code
|
|
general protection fault in btf_decl_tag_resolve
bpf
|
C |
done |
|
6 |
1171d |
1172d
|
22/28 |
785d |
d7e7b42f4f95
bpf: Fix a btf decl_tag bug when tagging a function
|
|
BUG: missing reserved tailroom
bpf
net
|
C |
done |
|
2 |
1136d |
1136d
|
22/28 |
785d |
b6f1f780b393
bpf, test_run: Fix packet size check for live packet mode
|
|
KASAN: slab-out-of-bounds Write in __build_skb_around
bpf
net
|
C |
error |
|
2536 |
858d |
873d
|
22/28 |
785d |
ce098da1497c
skbuff: Introduce slab_build_skb()
|
|
WARNING in btf_type_id_size
bpf
|
C |
done |
|
10 |
845d |
916d
|
22/28 |
785d |
ea68376c8bed
bpf: prevent decl_tag from being referenced in func_proto
|
|
WARNING: ODEBUG bug in htab_map_alloc
bpf
|
C |
|
|
6456 |
928d |
953d
|
22/28 |
785d |
cf7de6a53600
bpf: add missing percpu_counter_destroy() in htab_map_alloc()
|
|
WARNING: kmalloc bug in bpf
bpf
|
C |
done |
done |
562 |
1123d |
1240d
|
22/28 |
785d |
0708a0afe291
mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls
|
|
WARNING in bpf_skb_load_helper_32
bpf
|
C |
done |
|
9 |
986d |
1017d
|
22/28 |
785d |
0326195f523a
bpf: Make sure mac_header was set before using it
|
|
WARNING in bpf_bprintf_prepare (2)
bpf
|
C |
|
|
2 |
919d |
958d
|
22/28 |
785d |
05b24ff9b2cf
bpf: Prevent bpf program recursion for raw tracepoint probes
|
|
WARNING in check_map_prog_compatibility
bpf
|
C |
inconclusive |
done |
128 |
937d |
1100d
|
22/28 |
785d |
34dd3bad1a6f
bpf: Relax the requirement to use preallocated hash maps in tracing progs.
|
|
bpf-next boot error: KASAN: global-out-of-bounds Read in task_iter_init
bpf
|
|
|
|
42 |
1254d |
1258d
|
20/28 |
1138d |
9e2ad638ae36
bpf: Extend BTF_ID_LIST_GLOBAL with parameter for number of IDs
|
|
general protection fault in bpf_skb_cgroup_id
bpf
net
|
C |
inconclusive |
|
107 |
1295d |
1310d
|
20/28 |
1138d |
435b08ec0094
bpf, test, cgroup: Use sk_{alloc,free} for test cases
|
|
general protection fault in bpf_skb_ancestor_cgroup_id
bpf
net
|
C |
unreliable |
|
232 |
1294d |
1310d
|
20/28 |
1138d |
435b08ec0094
bpf, test, cgroup: Use sk_{alloc,free} for test cases
|
|
general protection fault in dev_get_by_index_rcu (2)
bpf
net
|
C |
error |
|
18 |
1198d |
1198d
|
20/28 |
1138d |
382778edc826
xdp: check prog type before updating BPF link
|
|
WARNING: kmalloc bug in bpf_check
bpf
|
C |
done |
|
34 |
1311d |
1324d
|
20/28 |
1138d |
0e6491b55970
bpf: Add oversize check before call kvcalloc()
|
|
KASAN: vmalloc-out-of-bounds Read in bpf_prog_put
bpf
|
C |
done |
|
2 |
1218d |
1216d
|
20/28 |
1138d |
218d747a4142
bpf, sockmap: Fix double bpf_prog_put on error case in map_link
|
|
WARNING in bpf_bprintf_prepare
bpf
|
C |
unreliable |
|
96 |
1402d |
1440d
|
20/28 |
1257d |
e2d5b2bb769f
bpf: Fix nested bpf_bprintf_prepare with more per-cpu buffers
|
|
UBSAN: shift-out-of-bounds in ___bpf_prog_run
bpf
|
C |
unreliable |
|
38 |
1390d |
1501d
|
20/28 |
1257d |
28131e9d9333
bpf: Fix up register-based shifts in interpreter to silence KUBSAN
|
|
KASAN: use-after-free Write in sk_psock_stop
bpf
net
|
syz |
done |
|
74 |
1455d |
1475d
|
20/28 |
1257d |
aadb2bb83ff7
sock_map: Fix a potential use-after-free in sock_map_close()
|
|
memory leak in bpf (2)
bpf
|
C |
|
|
3 |
1411d |
1480d
|
20/28 |
1257d |
ccff81e1d028
bpf: Fix false positive kmemleak report in bpf_ringbuf_area_alloc()
|
|
general protection fault in btf_type_id_size
bpf
|
C |
unreliable |
|
6 |
1507d |
1504d
|
20/28 |
1257d |
350a5c4dd245
bpf: Dont allow vmlinux BTF to be used in map_create and prog_load.
|
|
WARNING: suspicious RCU usage in tcp_bpf_update_proto
bpf
net
|
C |
done |
|
539 |
1455d |
1475d
|
20/28 |
1257d |
51e0158a5432
skmsg: Pass psock pointer to ->psock_update_sk_prot()
|
|
WARNING: suspicious RCU usage in bpf_get_current_cgroup_id
bpf
|
C |
done |
|
764 |
1327d |
1365d
|
20/28 |
1257d |
2d3a1e3615c5
bpf: Add rcu_read_lock in bpf_get_current_[ancestor_]cgroup_id() helpers
|
|
WARNING in tracepoint_add_func
bpf
trace
|
C |
done |
|
20635 |
1372d |
1756d
|
20/28 |
1257d |
9913d5745bd7
tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing
|
|
KASAN: vmalloc-out-of-bounds Read in bpf_trace_run2
trace
bpf
|
C |
done |
done |
5 |
1513d |
1671d
|
20/28 |
1467d |
befe6d946551
tracepoint: Do not fail unregistering a probe due to memory failure
|
|
BUG: unable to handle kernel paging request in bpf_trace_run2
bpf
trace
|
C |
done |
done |
10 |
1510d |
1671d
|
20/28 |
1467d |
befe6d946551
tracepoint: Do not fail unregistering a probe due to memory failure
|
|
KMSAN: uninit-value in bpf_iter_prog_supported
bpf
|
|
|
|
4479 |
1471d |
1532d
|
20/28 |
1471d |
17d8beda277a
bpf: Fix an unitialized value in bpf_iter
|
|
KCSAN: data-race in bpf_lru_pop_free / bpf_lru_push_free
bpf
|
|
|
|
237 |
1519d |
1706d
|
20/28 |
1471d |
6df8fb83301d
bpf_lru_list: Read double-checked variable once without lock
|
|
KCSAN: data-race in __bpf_lru_list_rotate / bpf_lru_push_free (2)
bpf
|
|
|
|
32 |
1525d |
1594d
|
20/28 |
1471d |
6df8fb83301d
bpf_lru_list: Read double-checked variable once without lock
|
|
KASAN: vmalloc-out-of-bounds Read in bpf_trace_run3
bpf
trace
|
C |
done |
|
6 |
1527d |
1629d
|
20/28 |
1471d |
befe6d946551
tracepoint: Do not fail unregistering a probe due to memory failure
|
|
BUG: unable to handle kernel paging request in bpf_trace_run3
bpf
trace
|
C |
done |
|
40 |
1518d |
1640d
|
20/28 |
1471d |
befe6d946551
tracepoint: Do not fail unregistering a probe due to memory failure
|
|
memory leak in xskq_create
bpf
net
|
C |
|
|
7 |
1568d |
1588d
|
19/28 |
1502d |
8bee68338408
xsk: Fix memory leak for failed bind
|
|
BUG: unable to handle kernel paging request in htab_map_alloc (2)
bpf
|
C |
unreliable |
|
8 |
1588d |
1597d
|
19/28 |
1502d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
|
BUG: unable to handle kernel paging request in bpf_lru_populate
bpf
|
C |
done |
|
12 |
1588d |
1594d
|
19/28 |
1502d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
|
general protection fault in xsk_recvmsg
bpf
net
|
C |
done |
unreliable |
1800 |
1586d |
1556d
|
19/28 |
1502d |
3546b9b8eced
xsk: Validate socket state in xsk_recvmsg, prior touching socket members
|
|
KASAN: vmalloc-out-of-bounds Write in pcpu_freelist_populate
bpf
|
|
|
|
6 |
1590d |
1594d
|
19/28 |
1502d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
|
KASAN: use-after-free Read in htab_map_alloc
bpf
|
C |
done |
|
38 |
1629d |
1632d
|
19/28 |
1502d |
8aaeed81fcb9
bpf: Fix error path in htab_map_alloc()
|
|
BUG: unable to handle kernel paging request in htab_free_elems
bpf
|
|
|
|
1 |
1595d |
1595d
|
19/28 |
1502d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
|
KASAN: vmalloc-out-of-bounds Write in htab_map_alloc
bpf
|
|
|
|
6 |
1589d |
1598d
|
19/28 |
1502d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
|
BUG: unable to handle kernel paging request in pcpu_freelist_populate
bpf
|
C |
unreliable |
|
42 |
1587d |
1598d
|
19/28 |
1502d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
|
KASAN: vmalloc-out-of-bounds Read in htab_free_elems
bpf
|
C |
unreliable |
|
7 |
1595d |
1596d
|
19/28 |
1502d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
|
KASAN: vmalloc-out-of-bounds Write in bpf_lru_populate
bpf
|
C |
unreliable |
|
19 |
1588d |
1598d
|
19/28 |
1502d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
|
general protection fault in xsk_release
bpf
net
|
C |
done |
|
2 |
1667d |
1667d
|
15/28 |
1615d |
1fd17c8cd0aa
xsk: Fix possible crash in socket_release when out-of-memory
|
|
KASAN: use-after-free Write in xp_put_pool
bpf
net
|
C |
done |
|
50 |
1668d |
1690d
|
15/28 |
1615d |
83cf5c68d663
xsk: Fix use-after-free in failed shared_umem bind
|
|
general protection fault in xsk_is_setup_for_bpf_map
bpf
net
|
C |
error |
|
294 |
1668d |
1690d
|
15/28 |
1615d |
968be23ceaca
xsk: Fix possible segfault at xskmap entry insertion
|
|
WARNING in bpf_raw_tp_link_fill_link_info
bpf
|
C |
error |
|
56 |
1668d |
1682d
|
15/28 |
1615d |
b474959d5afd
bpf: Fix a buffer out-of-bound access when filling raw_tp link_info
|
|
memory leak in xdp_umem_create
net
bpf
|
C |
|
|
17 |
1619d |
1639d
|
15/28 |
1615d |
e5e1a4bc916d
xsk: Fix possible memory leak at socket close
|
|
general protection fault in xsk_diag_dump (2)
bpf
net
|
C |
|
|
354 |
1672d |
1690d
|
15/28 |
1615d |
53ea2076d851
xsk: Fix possible segfault in xsk umem diagnostics
|
|
general protection fault in __btf_resolve_helper_id
bpf
|
C |
|
|
17 |
1740d |
1749d
|
15/28 |
1676d |
5b801dfb7feb
bpf: Fix NULL pointer dereference in __btf_resolve_helper_id()
|
|
KASAN: use-after-free Write in bpf_link_put
bpf
|
|
|
|
2 |
1813d |
1815d
|
15/28 |
1737d |
138c67677ff5
bpf: Fix use-after-free of bpf_link when priming half-fails
|
|
general protection fault in sock_hash_free
net
bpf
|
|
|
|
1 |
1782d |
1782d
|
15/28 |
1737d |
75e68e5bf2c7
bpf, sockhash: Synchronize delete from bucket list on map free
|
|
BUG: unable to handle kernel NULL pointer dereference in smp_call_function_many_cond (2)
bpf
|
|
|
|
1 |
1761d |
1761d
|
15/28 |
1737d |
3021e69219e2
kcov: check kcov_softirq in kcov_remote_stop()
|
|
KMSAN: uninit-value in bpf_skb_load_helper_32_no_cache
net
bpf
|
|
|
|
2 |
1900d |
1898d
|
15/28 |
1830d |
457fed775c97
net/smc: fix leak of kernel memory to user space
|
|
possible deadlock in htab_lru_map_delete_node
bpf
|
C |
done |
|
264 |
1883d |
1888d
|
15/28 |
1830d |
b9aff38de2cb
bpf: Fix a potential deadlock with bpf_map_do_batch
|
|
possible deadlock in bpf_lru_push_free
bpf
|
C |
done |
|
609 |
1883d |
1889d
|
15/28 |
1830d |
b9aff38de2cb
bpf: Fix a potential deadlock with bpf_map_do_batch
|
|
BUG: sleeping function called from invalid context in lock_sock_nested
bpf
net
|
C |
|
|
1232 |
1887d |
1962d
|
15/28 |
1887d |
37f96694cf73
crypto: af_alg - Use bh_lock_sock in sk_destruct
|
|
WARNING in sk_psock_drop
bpf
net
|
|
|
|
157 |
1910d |
1919d
|
15/28 |
1887d |
58c8db929db1
net, sk_msg: Don't check if sock is locked when tearing down psock
|
|
general protection fault in free_verifier_state (3)
bpf
|
C |
|
|
5 |
1915d |
1921d
|
15/28 |
1887d |
f59bbfc2f609
bpf: Fix error path under memory pressure
|
|
KASAN: vmalloc-out-of-bounds Write in pcpu_alloc
bpf
|
C |
done |
|
31 |
1939d |
1964d
|
15/28 |
1892d |
253a496d8e57
kasan: don't assume percpu shadow allocations will succeed
|
|
BUG: unable to handle kernel paging request in pcpu_alloc
bpf
|
C |
done |
|
24 |
1945d |
1963d
|
15/28 |
1892d |
253a496d8e57
kasan: don't assume percpu shadow allocations will succeed
|
|
KASAN: slab-out-of-bounds Read in bpf_prog_create
bpf
net
|
C |
done |
|
447 |
1959d |
2041d
|
15/28 |
1929d |
0033b34a03ec
ppp: fix out-of-bounds access in bpf_prog_create()
|
|
KASAN: use-after-free Read in bpf_prog_kallsyms_find (2)
bpf
|
C |
done |
|
9 |
2004d |
2015d
|
13/28 |
1975d |
cd7455f1013e
bpf: Fix use after free in subprog's jited symbol removal
|
|
KASAN: use-after-free Read in is_bpf_text_address
bpf
|
C |
done |
|
3 |
2005d |
2006d
|
13/28 |
1975d |
cd7455f1013e
bpf: Fix use after free in subprog's jited symbol removal
|
|
BUG: unable to handle kernel paging request in is_bpf_text_address
bpf
|
C |
done |
|
2 |
2010d |
2010d
|
13/28 |
1975d |
cd7455f1013e
bpf: Fix use after free in subprog's jited symbol removal
|
|
BUG: unable to handle kernel NULL pointer dereference in xsk_poll
bpf
net
|
C |
done |
|
10 |
2011d |
2028d
|
13/28 |
1993d |
df551058f7a3
xsk: Fix crash in poll when device does not support ndo_xsk_wakeup
|
|
general protection fault in bpf_tcp_close (2)
bpf
|
C |
|
done |
26 |
2430d |
2474d
|
13/28 |
2007d |
e06fa9c16ce4
bpf, sockmap: fix potential use after free in bpf_tcp_close
|
|
general protection fault in xsk_poll
bpf
net
|
C |
done |
|
430 |
2042d |
2070d
|
13/28 |
2013d |
42fddcc7c64b
xsk: use state member for socket synchronization
|
|
general protection fault in xsk_map_update_elem
bpf
|
C |
done |
|
12 |
2032d |
2035d
|
13/28 |
2013d |
fcd30ae0665c
bpf/xskmap: Return ERR_PTR for failure case instead of NULL.
|
|
general protection fault in dev_map_hash_update_elem
bpf
net
|
C |
done |
|
4 |
2046d |
2053d
|
13/28 |
2013d |
af58e7ee6a8d
xdp: Fix race in dev_map_hash_update_elem() when replacing element
|
|
WARNING in __mark_chain_precision (2)
bpf
|
C |
done |
|
18 |
2042d |
2060d
|
13/28 |
2019d |
2339cd6cd0b5
bpf: fix precision tracking of stack slots
|
|
WARNING: suspicious RCU usage (4)
bpf
trace
|
C |
|
done |
1 |
2422d |
2420d
|
13/28 |
2024d |
865e63b04e9b
tracing: Add back in rcu_irq_enter/exit_irqson() for rcuidle tracepoints
|
|
WARNING: suspicious RCU usage in trace_call_bpf
bpf
trace
|
C |
|
done |
327 |
2403d |
2420d
|
13/28 |
2024d |
865e63b04e9b
tracing: Add back in rcu_irq_enter/exit_irqson() for rcuidle tracepoints
|
|
KASAN: use-after-free Read in psock_map_pop
bpf
|
C |
|
done |
204 |
2370d |
2413d
|
13/28 |
2024d |
5607fff30363
bpf: sockmap only allow ESTABLISHED sock state
|
|
KASAN: slab-out-of-bounds Read in sock_hash_ctx_update_elem
bpf
|
C |
|
done |
5 |
2455d |
2455d
|
13/28 |
2024d |
b845c898b2f1
bpf, sockmap: fix sock_hash_alloc and reject zero-sized keys
|
|
general protection fault in smap_list_hash_remove
bpf
|
C |
|
done |
52 |
2462d |
2481d
|
13/28 |
2024d |
99ba2b5aba24
bpf: sockhash, disallow bpf_tcp_close and update in parallel
|
|
WARNING in bpf_jit_free
bpf
|
C |
done |
|
21697 |
2052d |
2469d
|
12/28 |
2052d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
|
WARNING in bpf_prog_kallsyms_add
bpf
|
syz |
done |
done |
2 |
2094d |
2297d
|
12/28 |
2052d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
|
BUG: unable to handle kernel paging request in bpf_prog_kallsyms_find
bpf
|
syz |
done |
inconclusive |
3 |
2269d |
2344d
|
12/28 |
2052d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
|
BUG: unable to handle kernel paging request in bpf_prog_kallsyms_add
bpf
|
syz |
error |
|
234 |
2053d |
2413d
|
12/28 |
2052d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
|
KASAN: use-after-free Read in bpf_prog_kallsyms_del
bpf
|
syz |
done |
inconclusive |
3 |
2300d |
2378d
|
12/28 |
2052d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
|
KASAN: use-after-free Read in bpf_get_prog_name
bpf
|
|
|
|
1 |
2095d |
2094d
|
12/28 |
2052d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
|
WARNING in bpf_prog_kallsyms_find
bpf
|
C |
error |
|
5632 |
2052d |
2174d
|
12/28 |
2052d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
|
WARNING in is_bpf_text_address
bpf
|
C |
done |
|
104 |
2062d |
2129d
|
12/28 |
2052d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
|
KASAN: use-after-free Read in bpf_prog_kallsyms_add
bpf
|
syz |
error |
inconclusive |
120 |
2179d |
2413d
|
12/28 |
2052d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
|
BUG: unable to handle kernel paging request in __do_softirq
bpf
|
syz |
done |
done |
1 |
2132d |
2131d
|
12/28 |
2062d |
95fa145479fb
bpf: sockmap/tls, close can race with map free
|
|
BUG: unable to handle kernel paging request in tls_prots
net
bpf
|
syz |
done |
|
1 |
2124d |
2124d
|
12/28 |
2062d |
95fa145479fb
bpf: sockmap/tls, close can race with map free
|
|
possible deadlock in xsk_notifier
bpf
net
|
C |
done |
|
495 |
2101d |
2112d
|
12/28 |
2076d |
5464c3a0e9a0
xdp: fix potential deadlock on socket mutex
|
|
general protection fault in btf_array_resolve
bpf
|
C |
error |
|
109 |
2109d |
2131d
|
12/28 |
2084d |
e4f07120210a
bpf: fix NULL deref in btf_type_is_resolve_source_only
|
|
general protection fault in btf_struct_resolve
bpf
|
C |
error |
|
49 |
2109d |
2131d
|
12/28 |
2084d |
e4f07120210a
bpf: fix NULL deref in btf_type_is_resolve_source_only
|
|
KASAN: use-after-free Read in __dev_map_entry_free
bpf
net
|
C |
|
|
473 |
2214d |
2495d
|
12/28 |
2132d |
2baae3545327
bpf: devmap: fix use-after-free Read in __dev_map_entry_free
|
|
general protection fault in xsk_diag_dump
bpf
net
|
C |
|
|
5 |
2232d |
2237d
|
11/28 |
2214d |
915905f8b1d4
xsk: fix potential crash in xsk_diag_put_umem()
|
|
KASAN: use-after-free Read in bpf_cgroup_storage_release
bpf
|
C |
|
|
2 |
2452d |
2452d
|
11/28 |
2253d |
82c018d734a7
Merge branch 'bpf-cgroup-local-storage'
|
|
WARNING in __debug_object_init (3)
bpf
net
|
C |
|
|
1557 |
2364d |
2366d
|
11/28 |
2280d |
2cb494a36c98
bpf: add tests for direct packet access from CGROUP_SKB
|
|
KASAN: slab-out-of-bounds Write in queue_stack_map_push_elem
bpf
|
C |
|
|
30 |
2335d |
2337d
|
11/28 |
2325d |
813961de3ee6
bpf: fix integer overflow in queue_stack_map
|
|
WARNING in bpf_check (2)
bpf
|
C |
|
|
9 |
2348d |
2347d
|
11/28 |
2325d |
afd594240806
bpf: fix off-by-one error in adjust_subprog_starts
|
|
KASAN: slab-out-of-bounds Read in refcount_inc_not_zero_checked
bpf
net
|
|
|
|
2 |
2375d |
2376d
|
11/28 |
2350d |
5032d079909d
bpf: skmsg, fix psock create on existing kcm/tls port
|
|
BUG: sleeping function called from invalid context at net/core/dev.c:LINE
bpf
|
syz |
|
|
8 |
2376d |
2385d
|
11/28 |
2364d |
cee271678d0e
xsk: do not call synchronize_net() under RCU read lock
|
|
WARNING in pcpu_alloc
bpf
|
C |
|
|
4 |
2383d |
2392d
|
11/28 |
2382d |
b0584ea66d73
bpf: don't accept cgroup local storage with zero value size
|
|
WARNING: suspicious RCU usage in bpf_prog_array_copy_core
bpf
|
C |
|
|
22873 |
2426d |
2440d
|
8/28 |
2426d |
965931e3a803
bpf: fix a rcu usage warning in bpf_prog_array_copy_core()
|
|
KASAN: out-of-bounds Read in bpf_test_finish
bpf
net
|
|
|
|
9 |
2470d |
2476d
|
8/28 |
2447d |
6e6fddc78323
bpf: fix panic due to oob in bpf_prog_test_run_skb
|
|
WARNING: refcount bug in smap_release_sock
bpf
|
C |
|
|
55 |
2463d |
2502d
|
8/28 |
2447d |
7ebc14d507b4
bpf: sockmap, consume_skb in close path
547b3aa451ae
bpf: sockmap, error path can not release psock in multi-map case
|
|
KASAN: stack-out-of-bounds Read in bpf_tcp_close
bpf
|
C |
|
|
1 |
2467d |
2467d
|
8/28 |
2447d |
99ba2b5aba24
bpf: sockhash, disallow bpf_tcp_close and update in parallel
|
|
WARNING in bpf_check
bpf
|
|
|
|
3 |
2467d |
2473d
|
8/28 |
2447d |
c7a897843224
bpf: don't leave partial mangled prog in jit_subprogs error path
|
|
WARNING in do_debug (2)
bpf
|
|
|
|
1 |
2468d |
2467d
|
8/28 |
2447d |
99ba2b5aba24
bpf: sockhash, disallow bpf_tcp_close and update in parallel
|
|
KASAN: use-after-free Read in bpf_test_finish
bpf
net
|
C |
|
|
1211 |
2462d |
2476d
|
8/28 |
2447d |
6e6fddc78323
bpf: fix panic due to oob in bpf_prog_test_run_skb
|
|
WARNING in bpf_int_jit_compile
bpf
net
|
syz |
|
|
11 |
2484d |
2520d
|
8/28 |
2476d |
9facc336876f
bpf: reject any prog that failed read-only lock
|
|
possible deadlock in sock_hash_free
bpf
|
C |
|
|
45 |
2518d |
2518d
|
8/28 |
2476d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
|
|
WARNING: ODEBUG bug in sock_hash_free
bpf
|
|
|
|
1 |
2490d |
2489d
|
8/28 |
2476d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
|
|
KASAN: slab-out-of-bounds Read in bpf_csum_update
bpf
net
|
C |
|
|
2 |
2514d |
2512d
|
8/28 |
2476d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
|
INFO: rcu detected stall in is_bpf_text_address
bpf
|
C |
|
|
1 |
2527d |
2527d
|
8/28 |
2476d |
1d88ba1ebb27
sctp: not allow transport timeout value less than HZ/5 for hb_timer
|
|
KASAN: use-after-free Read in bpf_skb_change_proto
bpf
net
|
|
|
|
1 |
2506d |
2505d
|
8/28 |
2476d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
|
WARNING in bpf_prog_select_runtime
bpf
|
syz |
|
|
45 |
2500d |
2501d
|
8/28 |
2476d |
9facc336876f
bpf: reject any prog that failed read-only lock
|
|
KASAN: slab-out-of-bounds Read in bpf_skb_vlan_push
bpf
net
|
syz |
|
|
2 |
2502d |
2502d
|
8/28 |
2476d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
|
KASAN: use-after-free Read in skb_ensure_writable
bpf
net
|
C |
|
|
4 |
2505d |
2512d
|
8/28 |
2476d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
|
KASAN: use-after-free Read in bpf_tcp_close
bpf
|
C |
|
|
1748 |
2481d |
2520d
|
8/28 |
2476d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
|
|
BUG: unable to handle kernel paging request in bpf_prog_select_runtime
bpf
|
|
|
|
1 |
2492d |
2491d
|
8/28 |
2476d |
85782e037f8a
bpf: undo prog rejection on read-only lock failure
|
|
WARNING: kmalloc bug in xdp_umem_create
bpf
net
|
C |
|
|
7 |
2500d |
2506d
|
8/28 |
2476d |
a343993c518c
xsk: silence warning on memory allocation failure
|
|
KASAN: slab-out-of-bounds Read in bpf_skb_change_proto
bpf
net
|
C |
|
|
2 |
2505d |
2505d
|
8/28 |
2476d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
|
KASAN: slab-out-of-bounds Read in skb_ensure_writable
bpf
net
|
C |
|
|
9 |
2502d |
2512d
|
8/28 |
2476d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
|
KASAN: use-after-free Read in bpf_csum_update
bpf
net
|
C |
|
|
1 |
2514d |
2512d
|
8/28 |
2476d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
|
BUG: unable to handle kernel paging request in bpf_int_jit_compile
bpf
net
|
syz |
|
|
2 |
2488d |
2491d
|
8/28 |
2476d |
85782e037f8a
bpf: undo prog rejection on read-only lock failure
|
|
KASAN: use-after-free Write in bpf_tcp_close
bpf
|
C |
|
|
67 |
2483d |
2519d
|
8/28 |
2476d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
|
|
general protection fault in bpf_tcp_close
bpf
|
C |
|
|
421 |
2477d |
2520d
|
8/28 |
2476d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
54fedb42c653
bpf: sockmap, fix smap_list_map_remove when psock is in many maps
|
|
KASAN: slab-out-of-bounds Read in bpf_skb_change_head
bpf
net
|
C |
|
|
2 |
2502d |
2502d
|
8/28 |
2476d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
|
WARNING: kmalloc bug in map_get_next_key
bpf
|
C |
|
|
5 |
2529d |
2530d
|
8/28 |
2476d |
683d2ac3904c
bpf: fix sock hashmap kmalloc warning
|
|
KASAN: null-ptr-deref Write in xdp_umem_unaccount_pages
bpf
net
|
C |
|
|
25 |
2504d |
2508d
|
8/28 |
2476d |
c09290c56376
bpf, xdp: fix crash in xdp_umem_unaccount_pages
|
|
WARNING: kmalloc bug in memdup_user (3)
bpf
|
C |
|
|
137 |
2529d |
2530d
|
8/28 |
2476d |
683d2ac3904c
bpf: fix sock hashmap kmalloc warning
|
|
possible deadlock in bpf_tcp_close
bpf
|
C |
|
|
152 |
2518d |
2518d
|
8/28 |
2476d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
|
|
possible deadlock in perf_event_detach_bpf_prog
bpf
trace
|
|
|
|
1 |
2579d |
2578d
|
5/28 |
2538d |
3a38bb98d9ab
bpf/tracing: fix a deadlock in perf_event_detach_bpf_prog
|
|
WARNING: kmalloc bug in cpu_map_update_elem
bpf
net
|
C |
|
|
2677 |
2609d |
2620d
|
4/28 |
2609d |
7fc17e909edf
bpf: cpumap: use GFP_KERNEL instead of GFP_ATOMIC in __cpu_map_entry_alloc()
|
|
general protection fault in SyS_bpf (2)
bpf
|
C |
|
|
1065 |
2609d |
2623d
|
4/28 |
2609d |
952fad8e3239
bpf: fix sock_map_alloc() error path
|
|
WARNING: kmalloc bug in bpf_prog_array_copy_info
bpf
|
C |
|
|
4424 |
2609d |
2622d
|
4/28 |
2609d |
9c481b908b01
bpf: fix bpf_prog_array_copy_to_user warning from perf event prog query
|
|
WARNING in kvmalloc_node
bpf
net
|
C |
|
|
513 |
2616d |
2622d
|
4/28 |
2609d |
7fc17e909edf
bpf: cpumap: use GFP_KERNEL instead of GFP_ATOMIC in __cpu_map_entry_alloc()
|
|
general protection fault in ___bpf_prog_run
bpf
|
C |
|
|
8 |
2629d |
2636d
|
4/28 |
2623d |
65073a67331d
bpf: fix null pointer deref in bpf_prog_test_run_xdp
|
|
general protection fault in trie_get_next_key
bpf
|
C |
|
|
3 |
2640d |
2641d
|
4/28 |
2633d |
6dd1ec6c7a2c
bpf: fix kernel page fault in lpm map trie_get_next_key
|
|
KASAN: use-after-free Read in __bpf_prog_put
bpf
|
|
|
|
1 |
2655d |
2655d
|
4/28 |
2634d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
|
BUG: unable to handle kernel paging request in check_memory_region
bpf
|
C |
|
|
10 |
2651d |
2654d
|
4/28 |
2634d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
|
KASAN: use-after-free Read in map_lookup_elem
bpf
|
C |
|
|
6 |
2650d |
2654d
|
4/28 |
2634d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
|
suspicious RCU usage at ./include/linux/rcupdate.h:LINE (3)
bpf
|
C |
|
|
5087 |
2635d |
2644d
|
4/28 |
2635d |
2310035fa03f
bpf: fix incorrect kmalloc usage in lpm_trie MAP_GET_NEXT_KEY rcu region
|
|
BUG: sleeping function called from invalid context at mm/slab.h:LINE (2)
bpf
|
|
|
|
2 |
2643d |
2643d
|
4/28 |
2635d |
2310035fa03f
bpf: fix incorrect kmalloc usage in lpm_trie MAP_GET_NEXT_KEY rcu region
|
|
suspicious RCU usage at mm/slab.h:LINE
bpf
|
|
|
|
1 |
2643d |
2643d
|
4/28 |
2635d |
2310035fa03f
bpf: fix incorrect kmalloc usage in lpm_trie MAP_GET_NEXT_KEY rcu region
|
|
WARNING in xdp_rxq_info_unreg
bpf
net
|
C |
|
|
198 |
2644d |
2644d
|
4/28 |
2635d |
c13da21cdb80
tun: avoid calling xdp_rxq_info_unreg() twice
|
|
general protection fault in copy_verifier_state
bpf
|
C |
|
|
2 |
2668d |
2664d
|
4/28 |
2635d |
5896351ea936
bpf: fix verifier GPF in kmalloc failure path
|
|
general protection fault in free_verifier_state (2)
bpf
|
C |
|
|
2 |
2658d |
2658d
|
4/28 |
2635d |
5896351ea936
bpf: fix verifier GPF in kmalloc failure path
|
|
KASAN: slab-out-of-bounds Read in map_lookup_elem
bpf
|
C |
|
|
6 |
2651d |
2654d
|
4/28 |
2643d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
|
general protection fault in __bpf_map_put
bpf
|
C |
|
|
331 |
2649d |
2656d
|
4/28 |
2644d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
|
KASAN: use-after-free Read in bpf_fd_array_map_lookup_elem
bpf
|
|
|
|
21 |
2650d |
2656d
|
4/28 |
2644d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
|
BUG: unable to handle kernel paging request in fd_array_map_delete_elem
bpf
|
|
|
|
11 |
2650d |
2656d
|
4/28 |
2644d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
|
KASAN: slab-out-of-bounds Read in perf_event_fd_array_release
bpf
|
C |
|
|
96 |
2649d |
2656d
|
4/28 |
2644d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
|
KASAN: use-after-free Write in array_map_update_elem
bpf
|
C |
|
|
11 |
2650d |
2651d
|
4/28 |
2644d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
|
BUG: unable to handle kernel paging request in __bpf_map_put
bpf
|
|
|
|
1 |
2653d |
2653d
|
4/28 |
2644d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
|
WARNING in ___bpf_prog_run
bpf
|
C |
|
|
28 |
2649d |
2656d
|
4/28 |
2644d |
7891a87efc71
bpf: arsh is not supported in 32 bit alu thus reject it
|
|
KASAN: slab-out-of-bounds Read in bpf_fd_array_map_lookup_elem
bpf
|
|
|
|
7 |
2651d |
2655d
|
4/28 |
2644d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
|
WARNING in adjust_ptr_min_max_vals
bpf
|
C |
|
|
252 |
2646d |
2663d
|
4/28 |
2644d |
6f16101e6a8b
bpf: mark dst unknown on inconsistent {s, u}bounds adjustments
|
|
general protection fault in cgroup_fd_array_put_ptr
bpf
|
C |
|
|
219 |
2649d |
2656d
|
4/28 |
2644d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
|
BUG: unable to handle kernel paging request in bpf_fd_array_map_lookup_elem
bpf
|
|
|
|
5 |
2650d |
2654d
|
4/28 |
2644d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
|
divide error in ___bpf_prog_run
bpf
|
C |
|
|
28 |
2646d |
2654d
|
4/28 |
2644d |
68fda450a7df
bpf: fix 32-bit divide by zero
|
|
KASAN: slab-out-of-bounds Write in array_map_update_elem
bpf
|
C |
|
|
6 |
2652d |
2651d
|
4/28 |
2644d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
|
general protection fault in __bpf_prog_put
bpf
|
C |
|
|
212 |
2649d |
2656d
|
4/28 |
2644d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
|
general protection fault in free_verifier_state
bpf
|
C |
|
|
2 |
2676d |
2676d
|
3/28 |
2670d |
8c01c4f896aa
bpf: fix verifier NULL pointer dereference
|
|
general protection fault in bpf_check
bpf
|
|
|
|
3 |
2720d |
2725d
|
3/28 |
2700d |
8c01c4f896aa
bpf: fix verifier NULL pointer dereference
|