syzbot

Applied filters: Label=subsystems:bridge (drop)

Title	Repro	Cause bisect	Count	Last	Reported	Patched	Closed	Patch
INFO: rcu detected stall in br_handle_frame (5) bridge	syz		24	42d	70d	28/28	38d	a1494d532e28 netdevsim: use cond_resched() in nsim_dev_trap_report_work()
KASAN: slab-use-after-free Read in br_multicast_port_group_expired bridge			1	177d	177d	28/28	78d	92c4ee25208d net: bridge: mcast: wait for previous gc cycles when removing port
WARNING: suspicious RCU usage in br_mst_set_state (2) bridge			10	184d	195d	26/28	164d	546ceb1dfdac net: bridge: mst: fix suspicious rcu usage in br_mst_set_state 36c92936e868 net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state
KMSAN: uninit-value in br_dev_xmit (2) bridge	C		2	227d	223d	25/28	198d	8bd67ebb50c0 net: bridge: xmit: make sure we have at least eth header len bytes
WARNING: suspicious RCU usage in br_mst_set_state bridge			45	199d	232d	25/28	198d	3a7c1661ae13 net: bridge: mst: fix vlan use-after-free
KASAN: slab-out-of-bounds Read in update_counters bridge netfilter	C		3	259d	259d	25/28	212d	0c83842df40f netfilter: validate user input for expected length
KCSAN: data-race in br_handle_frame_finish / br_handle_frame_finish (8) bridge			1	461d	460d	25/28	366d	44bdb313da57 net: bridge: use DEV_STATS_INC()
WARNING in dev_index_reserve bridge	C	done	7120	438d	492d	23/28	436d	f534f6581ec0 net: validate veth and vxcan peer ifindexes 30188bd7838c rtnetlink: Reject negative ifindexes in RTM_NEWLINK
KASAN: vmalloc-out-of-bounds Read in __ebt_unregister_table bridge netfilter	C	error	4	672d	672d	22/28	561d	e58a171d35e3 netfilter: ebtables: fix table blob use-after-free
general protection fault in br_mst_info_size bridge	C	error	26	1002d	1006d	22/28	665d	cde3fc244b3d net: bridge: mst: prevent NULL deref in br_mst_info_size()
memory leak in do_replace netfilter bridge	C		1	827d	823d	22/28	665d	62ce44c4fff9 netfilter: ebtables: fix memory leak when blob is malformed
KASAN: slab-out-of-bounds Read in add_del_if bridge	C	unreliable	970	1228d	1205d	20/28	1137d	9384eacd80f3 net: core: don't call SIOCBRADD/DELIF for non-bridge devices
general protection fault in br_switchdev_fdb_notify bridge	C	error	82	1232d	1237d	20/28	1137d	0541a6293298 net: bridge: validate the NUD_PERMANENT bit when adding an extern_learn FDB entry
WARNING in compat_do_ebt_get_ctl bridge netfilter	C	done	15	1586d	1597d	15/28	1556d	5c04da55c754 netfilter: ebtables: reject bogus getopt len value
KASAN: slab-out-of-bounds Read in br_mrp_parse bridge	C	done	5	1674d	1675d	15/28	1617d	617504c67e01 bridge: mrp: Fix out-of-bounds read in br_mrp_parse
KASAN: use-after-free Read in br_dev_xmit bridge			1	1760d	1760d	15/28	1710d	823d81b0fa2c net: bridge: fix stale eth hdr pointer in br_dev_xmit
KMSAN: uninit-value in br_nf_forward_arp (3) bridge netfilter			2	1848d	1840d	15/28	1772d	5604285839aa net-backports: netfilter: bridge: make sure to pull arp header in br_nf_forward_arp()
KASAN: vmalloc-out-of-bounds Read in compat_copy_entries netfilter bridge	C	done	3	1833d	1833d	15/28	1772d	e608f631f0ba netfilter: ebtables: compat: reject all padding in matches/watchers
memory leak in fdb_create (2) bridge	C		1	1846d	1845d	15/28	1809d	c4b4c421857d net: bridge: deny dev_set_mac_address() when unregistering
memory leak in fdb_create bridge	C	done	4	1967d	2007d	12/28	1942d	d7bae09fa008 net: bridge: delete local fdb on device init failure
KASAN: use-after-free Read in brnf_exit_net bridge netfilter	syz	done	3	2008d	2011d	12/28	1965d	7e6daf50e1f4 netfilter: bridge: prevent UAF in brnf_exit_net()
KASAN: use-after-free Read in br_mdb_ip_get bridge			1	2155d	2154d	12/28	2030d	1515a63fc413 net: bridge: always clear mcast matching struct on reports and leaves
KMSAN: uninit-value in br_mdb_ip_get bridge			5	2095d	2153d	12/28	2031d	1515a63fc413 net: bridge: always clear mcast matching struct on reports and leaves
KASAN: use-after-free Read in br_multicast_rcv bridge			1	2113d	2113d	11/28	2095d	083b78a9ed64 ip: fix ip_mc_may_pull() return value
general protection fault in fdb_find_rcu bridge	C		3	2187d	2183d	11/28	2166d	f989d03ef25d net: rtnetlink: address is mandatory for rtnl_fdb_get
KASAN: use-after-free Read in nbp_vlan_rcu_free bridge			1	2231d	2231d	11/28	2206d	9d332e69c1dc net: bridge: fix vlan stats use-after-free on destruction
KMSAN: uninit-value in br_nf_forward_arp bridge netfilter			1	2395d	2392d	8/28	2348d	b84bbaf7a6c8 packet: in packet_snd start writing at link layer allocation
KMSAN: uninit-value in ebt_stp_mt_check (2) bridge netfilter	C		222	2356d	2388d	8/28	2356d	c568503ef020 netfilter: x_tables: initialise match/target check parameter struct
WARNING in ebt_do_table bridge netfilter	C		13	2365d	2390d	8/28	2356d	11ff7288beb2 netfilter: ebtables: reject non-bridge targets
KMSAN: uninit-value in ebt_stp_mt_check bridge netfilter	C		211	2389d	2434d	5/28	2388d	a4995684a949 netfilter: bridge: stp fix reference to uninitialized data
KASAN: stack-out-of-bounds Write in compat_copy_entries bridge netfilter	syz		10	2394d	2432d	5/28	2388d	94c752f99954 netfilter: ebtables: handle string from userspace with care
WARNING: kobject bug in br_add_if bridge			41	2419d	2445d	5/28	2411d	e8238fc2bd7b bridge: check iface upper dev when setting master via ioctl 3e14c6abbfb5 kobject: don't use WARN for registration failures
BUG: unable to handle kernel paging request in compat_copy_entries bridge netfilter	syz		5	2484d	2483d	5/28	2432d	b71812168571 netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets
BUG: unable to handle kernel paging request in ebt_among_mt_check (2) bridge netfilter	C		946	2464d	2480d	4/28	2464d	c8d70a700a5b netfilter: bridge: ebt_among: add more missing match size checks
WARNING in compat_copy_entries bridge netfilter	C		434	2482d	2497d	4/28	2482d	b71812168571 netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets
BUG: unable to handle kernel paging request in ebt_among_mt_check bridge netfilter	C		823	2482d	2497d	4/28	2482d	c4585a2823ed netfilter: bridge: ebt_among: add missing match size checks