|
general protection fault in rose_transmit_link (4)
hams
|
21 |
C |
error |
|
2058 |
44d |
114d
|
28/29 |
never |
e1f0a18c9564
net/rose: fix NULL pointer dereference in rose_transmit_link on reconnect
|
|
KMSAN: uninit-value in sixpack_receive_buf (4)
hams
|
7 |
|
|
|
8 |
117d |
166d
|
28/29 |
never |
bf9a38803b26
net: hamradio: 6pack: fix uninit-value in sixpack_receive_buf
|
|
BUG: unable to handle kernel paging request in sk_skb_reason_drop
hams
|
22 |
C |
|
|
39 |
25d |
114d
|
29/29 |
3d20h |
ba1096c31528
netrom: fix double-free in nr_route_frame()
|
|
memory leak in nr_sendmsg
hams
|
3 |
C |
|
|
1 |
166d |
162d
|
29/29 |
109d |
613d12dd794e
netrom: Fix memory leak in nr_sendmsg()
|
|
possible deadlock in serial8250_handle_irq
hams
|
4 |
C |
|
|
180 |
222d |
1023d
|
29/29 |
192d |
38b04ed7072e
6pack: drop redundant locking and refcounting
|
|
general protection fault in rose_rt_ioctl
hams
|
2 |
C |
|
|
64 |
255d |
255d
|
29/29 |
213d |
1cc8a5b534e5
net: rose: fix a typo in rose_clear_routes()
|
|
KASAN: slab-use-after-free Read in rose_timer_expiry (3)
hams
|
19 |
|
|
|
6059 |
249d |
355d
|
29/29 |
213d |
da9c9c877597
net: rose: include node references in rose_neigh refcount
|
|
KASAN: slab-use-after-free Read in rose_get_neigh
hams
|
19 |
C |
error |
|
1449 |
306d |
698d
|
29/29 |
247d |
34a500caf48c
rose: fix dangling neighbour pointers in rose_rt_device_down()
|
|
WARNING: refcount bug in ax25_release (3)
hams
|
13 |
C |
done |
|
5256 |
408d |
713d
|
28/29 |
333d |
bca0902e6173
ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt
2f6efbabceb6
ax25: Remove broken autobind
|
|
BUG: soft lockup in rose_loopback_timer
hams
|
1 |
C |
|
|
1 |
464d |
460d
|
28/29 |
333d |
a1300691aed9
net: rose: lock the socket in rose_bind()
|
|
KASAN: slab-use-after-free Read in rose_timer_expiry (2)
hams
|
19 |
|
|
|
158 |
361d |
485d
|
28/29 |
360d |
5de7665e0a07
net: rose: fix timer races against user threads
|
|
possible deadlock in ax25_setsockopt
hams
|
4 |
|
|
|
2 |
487d |
494d
|
28/29 |
366d |
95fc45d1dea8
ax25: rcu protect dev->ax25_ptr
|
|
kernel BUG in nr_header
hams
|
-1 |
|
|
|
2 |
534d |
521d
|
28/29 |
368d |
a6d75ecee2bf
net: lapb: increase LAPB_HEADER_LEN
|
|
memory leak in nr_create (3)
hams
|
3 |
C |
|
|
9 |
871d |
1061d
|
26/29 |
669d |
0b9130247f3b
netrom: Fix a memory leak in nr_heartbeat_expiry()
|
|
possible deadlock in nr_rt_ioctl
hams
|
4 |
C |
inconclusive |
|
8 |
708d |
735d
|
25/29 |
701d |
e03e7f20ebf7
netrom: fix possible dead-lock in nr_rt_ioctl()
|
|
WARNING: refcount bug in ax25_release (2)
hams
|
13 |
C |
|
|
240 |
717d |
783d
|
25/29 |
717d |
467324bcfe1a
ax25: Fix netdev refcount issue
|
|
WARNING in rose_device_event
hams
|
-1 |
|
|
|
1 |
878d |
878d
|
25/29 |
838d |
64b8bc7d5f14
net/rose: fix races in rose_kill_by_device()
|
|
general protection fault in prepare_to_wait (2)
hams
|
8 |
syz |
inconclusive |
|
4 |
958d |
995d
|
23/29 |
941d |
c2f8fd794960
netrom: Deny concurrent connect().
|
|
KASAN: use-after-free Write in nr_release
hams
|
22 |
C |
done |
error |
1784 |
1080d |
2354d
|
22/29 |
1066d |
611792920925
netrom: Fix use-after-free caused by accept on already connected socket
|
|
WARNING: refcount bug in nr_release (4)
hams
|
13 |
C |
|
|
24 |
1181d |
1486d
|
22/29 |
1066d |
409db27e3a2e
netrom: Fix use-after-free of a listening socket.
|
|
KASAN: use-after-free Read in do_accept
hams
|
19 |
|
|
|
1 |
1212d |
1208d
|
22/29 |
1066d |
409db27e3a2e
netrom: Fix use-after-free of a listening socket.
|
|
memory leak in nr_create (2)
hams
|
3 |
C |
|
|
11 |
1137d |
1196d
|
22/29 |
1066d |
611792920925
netrom: Fix use-after-free caused by accept on already connected socket
|
|
general protection fault in ax25_send_frame (2)
hams
|
10 |
|
|
|
13 |
1282d |
1269d
|
22/29 |
1170d |
e97c089d7a49
rose: Fix NULL pointer dereference in rose_send_frame()
|
|
general protection fault in rose_send_frame (2)
hams
|
2 |
|
|
|
7 |
1284d |
1309d
|
22/29 |
1170d |
e97c089d7a49
rose: Fix NULL pointer dereference in rose_send_frame()
|
|
KASAN: use-after-free Read in sixpack_close
hams
|
19 |
C |
done |
|
879 |
1633d |
1637d
|
20/29 |
1523d |
81b1d548d00b
hamradio: remove needs_free_netdev to avoid UAF
|
|
memory leak in nr_create
hams
|
3 |
C |
|
|
250 |
1754d |
2539d
|
20/29 |
1642d |
517a16b1a88b
netrom: Decrease sock refcount when sock timers expire
|
|
KASAN: slab-out-of-bounds Write in decode_data
hams
|
21 |
C |
done |
error |
7 |
2192d |
2348d
|
20/29 |
1642d |
19d1532a1876
net: 6pack: fix slab-out-of-bounds in decode_data
|
|
KMSAN: uninit-value in ax25_connect
hams
|
7 |
C |
|
|
15 |
2070d |
2202d
|
15/29 |
2061d |
2f2a7ffad5c6
AX.25: Fix out-of-bounds read in ax25_connect()
|
|
KMSAN: uninit-value in __dev_get_by_name
hams
|
7 |
C |
|
|
2 |
2184d |
2184d
|
15/29 |
2122d |
687775cec056
ax25: fix setsockopt(SO_BINDTODEVICE)
|
|
WARNING: held lock freed! (2)
hams
|
-1 |
C |
done |
|
1 |
2501d |
2497d
|
12/29 |
2447d |
4638faac0327
netrom: hold sock when setting skb->destructor
|
|
KASAN: use-after-free Read in release_sock
hams
|
19 |
C |
done |
|
10 |
2471d |
2480d
|
12/29 |
2447d |
4638faac0327
netrom: hold sock when setting skb->destructor
|
|
KASAN: use-after-free Read in nr_release
hams
|
19 |
C |
done |
|
25 |
2449d |
2528d
|
12/29 |
2447d |
4638faac0327
netrom: hold sock when setting skb->destructor
|
|
KASAN: use-after-free Read in nr_insert_socket
hams
|
19 |
C |
done |
|
22 |
2471d |
2488d
|
12/29 |
2447d |
4638faac0327
netrom: hold sock when setting skb->destructor
|
|
KASAN: use-after-free Read in nr_rx_frame (2)
hams
|
19 |
C |
done |
|
3 |
2475d |
2483d
|
12/29 |
2447d |
4638faac0327
netrom: hold sock when setting skb->destructor
|
|
memory leak in nr_rx_frame
hams
|
3 |
C |
|
|
5 |
2476d |
2539d
|
12/29 |
2469d |
c8c8218ec5af
netrom: fix a memory leak in nr_rx_frame()
|
|
inconsistent lock state in ax25_destroy_timer
hams
|
4 |
|
|
|
2 |
2519d |
2520d
|
12/29 |
2495d |
d4d5d8e83c96
ax25: fix inconsistent lock state in ax25_destroy_timer
|
|
inconsistent lock state in ax25_rt_autobind
hams
|
4 |
|
|
|
2 |
2519d |
2519d
|
12/29 |
2495d |
d4d5d8e83c96
ax25: fix inconsistent lock state in ax25_destroy_timer
|
|
INFO: rcu detected stall in rose_loopback_timer
hams
|
1 |
|
|
|
5 |
2555d |
2573d
|
12/29 |
2540d |
0453c6824595
net/rose: fix unbound loop in rose_loopback_timer()
|
|
KASAN: stack-out-of-bounds Write in rose_write_internal
hams
|
21 |
|
|
|
1 |
2614d |
2614d
|
12/29 |
2586d |
e5dcc0c3223c
net: rose: fix a possible stack overflow
|
|
general protection fault in ax25cmp
hams
|
2 |
C |
|
|
2294 |
2657d |
2689d
|
11/29 |
2622d |
b0cf029234f9
net/rose: fix NULL ax25_cb kernel panic
|
|
KASAN: use-after-free Read in refcount_inc_not_zero_checked
hams
|
19 |
syz |
|
|
24 |
2625d |
2685d
|
11/29 |
2622d |
63346650c1a9
netrom: switch to sock timer API
|
|
KASAN: use-after-free Read in kmemdup
hams
|
19 |
|
|
|
1 |
2668d |
2668d
|
11/29 |
2622d |
63530aba7826
ax25: fix possible use-after-free
|
|
WARNING: refcount bug in nr_release
hams
|
13 |
|
|
|
1 |
2681d |
2680d
|
11/29 |
2622d |
63346650c1a9
netrom: switch to sock timer API
|
|
inconsistent lock state in nr_find_socket
hams
|
4 |
C |
|
|
19 |
2673d |
2689d
|
11/29 |
2671d |
7314f5480f3e
netrom: fix locking in nr_find_socket()
|
|
kernel BUG at kernel/time/timer.c:LINE! (2)
hams
|
-1 |
C |
|
|
5 |
2684d |
2686d
|
11/29 |
2671d |
202700e30740
net/hamradio/6pack: use mod_timer() to rearm timers
|
|
KASAN: use-after-free Read in nr_rx_frame
hams
|
19 |
syz |
|
|
2 |
2678d |
2685d
|
11/29 |
2671d |
7314f5480f3e
netrom: fix locking in nr_find_socket()
|
|
possible deadlock in nr_destroy_socket
hams
|
4 |
syz |
|
|
20 |
2675d |
2685d
|
11/29 |
2671d |
7314f5480f3e
netrom: fix locking in nr_find_socket()
|
|
KASAN: use-after-free Read in ax25_fillin_cb
hams
|
19 |
syz |
|
|
4 |
2692d |
2689d
|
11/29 |
2671d |
c433570458e4
ax25: fix a use-after-free in ax25_fillin_cb()
|