syzbot

 sign-in | mailing list | source | docs
🐞 Open [1467]
Subsystems
🐞 Fixed [6722]
🐞 Invalid [17286]
Missing Backports [219]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

Applied filters: Label=subsystems:bridge (drop)
Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Closed Patch
KASAN: slab-use-after-free Read in br_switchdev_fdb_populate bridge 19 1 15d 9d09h 24/29 never 8dca36978aa8 net: bridge: fix use-after-free due to MST port state bypass
WARNING in br_nf_local_in bridge netfilter -1 1 68d 64d 29/29 9d07h netfilter: br_netfilter: do not check confirmed bit in br_nf_local_in() after confirm
KASAN: slab-use-after-free Read in br_multicast_has_router_adjacent bridge 19 2 143d 140d 29/29 69d 7544f3f5b0b5 bridge: mcast: Fix use-after-free during router port configuration
KASAN: slab-use-after-free Read in br_multicast_add_router bridge 19 1 157d 152d 29/29 69d 7544f3f5b0b5 bridge: mcast: Fix use-after-free during router port configuration
INFO: rcu detected stall in br_handle_frame (5) bridge 1 syz 24 368d 396d 28/29 364d a1494d532e28 netdevsim: use cond_resched() in nsim_dev_trap_report_work()
KASAN: slab-use-after-free Read in br_multicast_port_group_expired bridge 19 1 503d 503d 28/29 405d 92c4ee25208d net: bridge: mcast: wait for previous gc cycles when removing port
WARNING: suspicious RCU usage in br_mst_set_state (2) bridge 4 10 510d 522d 26/29 491d 546ceb1dfdac net: bridge: mst: fix suspicious rcu usage in br_mst_set_state 36c92936e868 net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state
KMSAN: uninit-value in br_dev_xmit (2) bridge 7 C 2 553d 549d 25/29 525d 8bd67ebb50c0 net: bridge: xmit: make sure we have at least eth header len bytes
WARNING: suspicious RCU usage in br_mst_set_state bridge 4 45 525d 559d 25/29 525d 3a7c1661ae13 net: bridge: mst: fix vlan use-after-free
KASAN: slab-out-of-bounds Read in update_counters netfilter bridge 17 C 3 585d 585d 25/29 538d 0c83842df40f netfilter: validate user input for expected length
KCSAN: data-race in br_handle_frame_finish / br_handle_frame_finish (8) bridge 6 1 787d 786d 25/29 692d 44bdb313da57 net: bridge: use DEV_STATS_INC()
WARNING in dev_index_reserve bridge -1 C done 7120 764d 819d 23/29 762d f534f6581ec0 net: validate veth and vxcan peer ifindexes 30188bd7838c rtnetlink: Reject negative ifindexes in RTM_NEWLINK
KASAN: vmalloc-out-of-bounds Read in __ebt_unregister_table bridge netfilter 17 C error 4 998d 999d 22/29 888d e58a171d35e3 netfilter: ebtables: fix table blob use-after-free
general protection fault in br_mst_info_size bridge 2 C error 26 1329d 1332d 22/29 992d cde3fc244b3d net: bridge: mst: prevent NULL deref in br_mst_info_size()
memory leak in do_replace bridge netfilter 3 C 1 1153d 1149d 22/29 992d 62ce44c4fff9 netfilter: ebtables: fix memory leak when blob is malformed
KASAN: slab-out-of-bounds Read in add_del_if bridge 17 C unreliable 970 1555d 1531d 20/29 1463d 9384eacd80f3 net: core: don't call SIOCBRADD/DELIF for non-bridge devices
general protection fault in br_switchdev_fdb_notify bridge 2 C error 82 1559d 1564d 20/29 1463d 0541a6293298 net: bridge: validate the NUD_PERMANENT bit when adding an extern_learn FDB entry
WARNING in compat_do_ebt_get_ctl bridge netfilter -1 C done 15 1912d 1923d 15/29 1882d 5c04da55c754 netfilter: ebtables: reject bogus getopt len value
KASAN: slab-out-of-bounds Read in br_mrp_parse bridge 17 C done 5 2000d 2002d 15/29 1944d 617504c67e01 bridge: mrp: Fix out-of-bounds read in br_mrp_parse
KASAN: use-after-free Read in br_dev_xmit bridge 19 1 2086d 2086d 15/29 2037d 823d81b0fa2c net: bridge: fix stale eth hdr pointer in br_dev_xmit
KMSAN: uninit-value in br_nf_forward_arp (3) bridge netfilter 7 2 2174d 2167d 15/29 2098d 5604285839aa net-backports: netfilter: bridge: make sure to pull arp header in br_nf_forward_arp()
KASAN: vmalloc-out-of-bounds Read in compat_copy_entries bridge netfilter 17 C done 3 2159d 2160d 15/29 2098d e608f631f0ba netfilter: ebtables: compat: reject all padding in matches/watchers
memory leak in fdb_create (2) bridge 3 C 1 2172d 2172d 15/29 2135d c4b4c421857d net: bridge: deny dev_set_mac_address() when unregistering
memory leak in fdb_create bridge 3 C done 4 2294d 2333d 12/29 2269d d7bae09fa008 net: bridge: delete local fdb on device init failure
KASAN: use-after-free Read in brnf_exit_net netfilter bridge 19 syz done 3 2335d 2338d 12/29 2291d 7e6daf50e1f4 netfilter: bridge: prevent UAF in brnf_exit_net()
KASAN: use-after-free Read in br_mdb_ip_get bridge 19 1 2481d 2481d 12/29 2356d 1515a63fc413 net: bridge: always clear mcast matching struct on reports and leaves
KMSAN: uninit-value in br_mdb_ip_get bridge 7 5 2421d 2480d 12/29 2357d 1515a63fc413 net: bridge: always clear mcast matching struct on reports and leaves
KASAN: use-after-free Read in br_multicast_rcv bridge 19 1 2440d 2440d 11/29 2421d 083b78a9ed64 ip: fix ip_mc_may_pull() return value
general protection fault in fdb_find_rcu bridge 2 C 3 2513d 2509d 11/29 2493d f989d03ef25d net: rtnetlink: address is mandatory for rtnl_fdb_get
KASAN: use-after-free Read in nbp_vlan_rcu_free bridge 19 1 2557d 2557d 11/29 2532d 9d332e69c1dc net: bridge: fix vlan stats use-after-free on destruction
KMSAN: uninit-value in br_nf_forward_arp netfilter bridge 7 1 2721d 2718d 8/29 2675d b84bbaf7a6c8 packet: in packet_snd start writing at link layer allocation
KMSAN: uninit-value in ebt_stp_mt_check (2) netfilter bridge 7 C 222 2683d 2715d 8/29 2683d c568503ef020 netfilter: x_tables: initialise match/target check parameter struct
WARNING in ebt_do_table bridge netfilter -1 C 13 2691d 2716d 8/29 2683d 11ff7288beb2 netfilter: ebtables: reject non-bridge targets
KMSAN: uninit-value in ebt_stp_mt_check bridge netfilter 7 C 211 2715d 2760d 5/29 2715d a4995684a949 netfilter: bridge: stp fix reference to uninitialized data
KASAN: stack-out-of-bounds Write in compat_copy_entries bridge netfilter 23 syz 10 2720d 2758d 5/29 2715d 94c752f99954 netfilter: ebtables: handle string from userspace with care
WARNING: kobject bug in br_add_if bridge -1 41 2745d 2772d 5/29 2737d e8238fc2bd7b bridge: check iface upper dev when setting master via ioctl 3e14c6abbfb5 kobject: don't use WARN for registration failures
BUG: unable to handle kernel paging request in compat_copy_entries bridge netfilter 8 syz 5 2811d 2809d 5/29 2758d b71812168571 netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets
BUG: unable to handle kernel paging request in ebt_among_mt_check (2) bridge netfilter 8 C 946 2791d 2807d 4/29 2791d c8d70a700a5b netfilter: bridge: ebt_among: add more missing match size checks
WARNING in compat_copy_entries bridge netfilter -1 C 434 2808d 2823d 4/29 2808d b71812168571 netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets
BUG: unable to handle kernel paging request in ebt_among_mt_check netfilter bridge 8 C 823 2808d 2823d 4/29 2808d c4585a2823ed netfilter: bridge: ebt_among: add missing match size checks