|
memory leak in nr_sendmsg
hams
|
3 |
C |
|
|
1 |
14d |
10d
|
3/29 |
never |
netrom: Fix memory leak in nr_sendmsg()
|
|
possible deadlock in serial8250_handle_irq
hams
|
4 |
C |
|
|
180 |
70d |
871d
|
29/29 |
40d |
38b04ed7072e
6pack: drop redundant locking and refcounting
|
|
general protection fault in rose_rt_ioctl
hams
|
2 |
C |
|
|
64 |
103d |
103d
|
29/29 |
61d |
1cc8a5b534e5
net: rose: fix a typo in rose_clear_routes()
|
|
KASAN: slab-use-after-free Read in rose_timer_expiry (3)
hams
|
19 |
|
|
|
6059 |
97d |
203d
|
29/29 |
61d |
da9c9c877597
net: rose: include node references in rose_neigh refcount
|
|
KASAN: slab-use-after-free Read in rose_get_neigh
hams
|
19 |
C |
error |
|
1449 |
154d |
546d
|
29/29 |
95d |
34a500caf48c
rose: fix dangling neighbour pointers in rose_rt_device_down()
|
|
WARNING: refcount bug in ax25_release (3)
hams
|
13 |
C |
done |
|
5256 |
256d |
561d
|
28/29 |
181d |
bca0902e6173
ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt
2f6efbabceb6
ax25: Remove broken autobind
|
|
BUG: soft lockup in rose_loopback_timer
hams
|
1 |
C |
|
|
1 |
312d |
308d
|
28/29 |
181d |
a1300691aed9
net: rose: lock the socket in rose_bind()
|
|
KASAN: slab-use-after-free Read in rose_timer_expiry (2)
hams
|
19 |
|
|
|
158 |
209d |
333d
|
28/29 |
208d |
5de7665e0a07
net: rose: fix timer races against user threads
|
|
possible deadlock in ax25_setsockopt
hams
|
4 |
|
|
|
2 |
335d |
342d
|
28/29 |
214d |
95fc45d1dea8
ax25: rcu protect dev->ax25_ptr
|
|
kernel BUG in nr_header
hams
|
-1 |
|
|
|
2 |
382d |
369d
|
28/29 |
216d |
a6d75ecee2bf
net: lapb: increase LAPB_HEADER_LEN
|
|
memory leak in nr_create (3)
hams
|
3 |
C |
|
|
9 |
719d |
909d
|
26/29 |
517d |
0b9130247f3b
netrom: Fix a memory leak in nr_heartbeat_expiry()
|
|
possible deadlock in nr_rt_ioctl
hams
|
4 |
C |
inconclusive |
|
8 |
556d |
583d
|
25/29 |
549d |
e03e7f20ebf7
netrom: fix possible dead-lock in nr_rt_ioctl()
|
|
WARNING: refcount bug in ax25_release (2)
hams
|
13 |
C |
|
|
240 |
565d |
631d
|
25/29 |
565d |
467324bcfe1a
ax25: Fix netdev refcount issue
|
|
WARNING in rose_device_event
hams
|
-1 |
|
|
|
1 |
726d |
726d
|
25/29 |
686d |
64b8bc7d5f14
net/rose: fix races in rose_kill_by_device()
|
|
general protection fault in prepare_to_wait (2)
hams
|
8 |
syz |
inconclusive |
|
4 |
806d |
843d
|
23/29 |
788d |
c2f8fd794960
netrom: Deny concurrent connect().
|
|
KASAN: use-after-free Write in nr_release
hams
|
24 |
C |
done |
error |
1784 |
928d |
2202d
|
22/29 |
914d |
611792920925
netrom: Fix use-after-free caused by accept on already connected socket
|
|
WARNING: refcount bug in nr_release (4)
hams
|
13 |
C |
|
|
24 |
1029d |
1334d
|
22/29 |
914d |
409db27e3a2e
netrom: Fix use-after-free of a listening socket.
|
|
KASAN: use-after-free Read in do_accept
hams
|
19 |
|
|
|
1 |
1060d |
1056d
|
22/29 |
914d |
409db27e3a2e
netrom: Fix use-after-free of a listening socket.
|
|
memory leak in nr_create (2)
hams
|
3 |
C |
|
|
11 |
985d |
1044d
|
22/29 |
914d |
611792920925
netrom: Fix use-after-free caused by accept on already connected socket
|
|
general protection fault in ax25_send_frame (2)
hams
|
10 |
|
|
|
13 |
1130d |
1117d
|
22/29 |
1018d |
e97c089d7a49
rose: Fix NULL pointer dereference in rose_send_frame()
|
|
general protection fault in rose_send_frame (2)
hams
|
2 |
|
|
|
7 |
1132d |
1157d
|
22/29 |
1018d |
e97c089d7a49
rose: Fix NULL pointer dereference in rose_send_frame()
|
|
KASAN: use-after-free Read in sixpack_close
hams
|
19 |
C |
done |
|
879 |
1481d |
1485d
|
20/29 |
1371d |
81b1d548d00b
hamradio: remove needs_free_netdev to avoid UAF
|
|
memory leak in nr_create
hams
|
3 |
C |
|
|
250 |
1602d |
2387d
|
20/29 |
1490d |
517a16b1a88b
netrom: Decrease sock refcount when sock timers expire
|
|
KASAN: slab-out-of-bounds Write in decode_data
hams
|
23 |
C |
done |
error |
7 |
2040d |
2196d
|
20/29 |
1490d |
19d1532a1876
net: 6pack: fix slab-out-of-bounds in decode_data
|
|
KMSAN: uninit-value in ax25_connect
hams
|
7 |
C |
|
|
15 |
1918d |
2050d
|
15/29 |
1909d |
2f2a7ffad5c6
AX.25: Fix out-of-bounds read in ax25_connect()
|
|
KMSAN: uninit-value in __dev_get_by_name
hams
|
7 |
C |
|
|
2 |
2032d |
2032d
|
15/29 |
1970d |
687775cec056
ax25: fix setsockopt(SO_BINDTODEVICE)
|
|
WARNING: held lock freed! (2)
hams
|
-1 |
C |
done |
|
1 |
2349d |
2345d
|
12/29 |
2295d |
4638faac0327
netrom: hold sock when setting skb->destructor
|
|
KASAN: use-after-free Read in release_sock
hams
|
19 |
C |
done |
|
10 |
2319d |
2328d
|
12/29 |
2295d |
4638faac0327
netrom: hold sock when setting skb->destructor
|
|
KASAN: use-after-free Read in nr_release
hams
|
19 |
C |
done |
|
25 |
2297d |
2376d
|
12/29 |
2295d |
4638faac0327
netrom: hold sock when setting skb->destructor
|
|
KASAN: use-after-free Read in nr_insert_socket
hams
|
19 |
C |
done |
|
22 |
2319d |
2336d
|
12/29 |
2295d |
4638faac0327
netrom: hold sock when setting skb->destructor
|
|
KASAN: use-after-free Read in nr_rx_frame (2)
hams
|
19 |
C |
done |
|
3 |
2323d |
2331d
|
12/29 |
2295d |
4638faac0327
netrom: hold sock when setting skb->destructor
|
|
memory leak in nr_rx_frame
hams
|
3 |
C |
|
|
5 |
2324d |
2387d
|
12/29 |
2317d |
c8c8218ec5af
netrom: fix a memory leak in nr_rx_frame()
|
|
inconsistent lock state in ax25_destroy_timer
hams
|
4 |
|
|
|
2 |
2367d |
2368d
|
12/29 |
2343d |
d4d5d8e83c96
ax25: fix inconsistent lock state in ax25_destroy_timer
|
|
inconsistent lock state in ax25_rt_autobind
hams
|
4 |
|
|
|
2 |
2367d |
2367d
|
12/29 |
2343d |
d4d5d8e83c96
ax25: fix inconsistent lock state in ax25_destroy_timer
|
|
INFO: rcu detected stall in rose_loopback_timer
hams
|
1 |
|
|
|
5 |
2403d |
2421d
|
12/29 |
2387d |
0453c6824595
net/rose: fix unbound loop in rose_loopback_timer()
|
|
KASAN: stack-out-of-bounds Write in rose_write_internal
hams
|
23 |
|
|
|
1 |
2462d |
2462d
|
12/29 |
2434d |
e5dcc0c3223c
net: rose: fix a possible stack overflow
|
|
general protection fault in ax25cmp
hams
|
2 |
C |
|
|
2294 |
2505d |
2537d
|
11/29 |
2470d |
b0cf029234f9
net/rose: fix NULL ax25_cb kernel panic
|
|
KASAN: use-after-free Read in refcount_inc_not_zero_checked
hams
|
19 |
syz |
|
|
24 |
2473d |
2533d
|
11/29 |
2470d |
63346650c1a9
netrom: switch to sock timer API
|
|
KASAN: use-after-free Read in kmemdup
hams
|
19 |
|
|
|
1 |
2516d |
2516d
|
11/29 |
2470d |
63530aba7826
ax25: fix possible use-after-free
|
|
WARNING: refcount bug in nr_release
hams
|
13 |
|
|
|
1 |
2529d |
2528d
|
11/29 |
2470d |
63346650c1a9
netrom: switch to sock timer API
|
|
inconsistent lock state in nr_find_socket
hams
|
4 |
C |
|
|
19 |
2521d |
2537d
|
11/29 |
2519d |
7314f5480f3e
netrom: fix locking in nr_find_socket()
|
|
kernel BUG at kernel/time/timer.c:LINE! (2)
hams
|
-1 |
C |
|
|
5 |
2532d |
2534d
|
11/29 |
2519d |
202700e30740
net/hamradio/6pack: use mod_timer() to rearm timers
|
|
KASAN: use-after-free Read in nr_rx_frame
hams
|
19 |
syz |
|
|
2 |
2526d |
2533d
|
11/29 |
2519d |
7314f5480f3e
netrom: fix locking in nr_find_socket()
|
|
possible deadlock in nr_destroy_socket
hams
|
4 |
syz |
|
|
20 |
2522d |
2533d
|
11/29 |
2519d |
7314f5480f3e
netrom: fix locking in nr_find_socket()
|
|
KASAN: use-after-free Read in ax25_fillin_cb
hams
|
19 |
syz |
|
|
4 |
2540d |
2537d
|
11/29 |
2519d |
c433570458e4
ax25: fix a use-after-free in ax25_fillin_cb()
|