|
KMSAN: uninit-value in cxusb_i2c_xfer
media
|
7 |
C |
|
|
556 |
91d |
144d
|
29/29 |
50d |
73fb3b92da84
media: cxusb: no longer judge rbuf when the write fails
|
|
KASAN: vmalloc-out-of-bounds Write in tpg_fill_plane_buffer (3)
media
|
23 |
C |
|
|
271 |
51d |
405d
|
29/29 |
50d |
f83ac8d30c43
media: vivid: Change the siize of the composing
|
|
KASAN: slab-use-after-free Read in vidtv_mux_init
media
|
19 |
syz |
|
|
5 |
124d |
169d
|
29/29 |
50d |
1d5f88f05348
media: vidtv: Terminating the subsequent process of initialization failure
|
|
general protection fault in ir_raw_event_store_with_filter
usb
media
|
24 |
C |
error |
|
879 |
197d |
1994d
|
28/29 |
77d |
f656cfbc7a29
media: streamzap: fix race between device disconnection and urb callback
|
|
WARNING in call_s_stream
media
|
-1 |
C |
|
|
83 |
158d |
517d
|
28/29 |
77d |
36cef585e2a3
media: vimc: skip .s_stream() for stopped entities
|
|
WARNING in iguanair_probe/usb_submit_urb (2)
media
|
-1 |
C |
done |
|
18 |
212d |
334d
|
28/29 |
112d |
b98d5000c505
media: rc: iguanair: handle timeouts
|
|
general protection fault in vidtv_mux_stop_thread
media
|
2 |
C |
|
|
9 |
214d |
240d
|
28/29 |
112d |
1221989555db
media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread
|
|
KMSAN: uninit-value in dib3000mb_attach (2)
usb
media
|
7 |
C |
|
|
4873 |
247d |
1768d
|
28/29 |
112d |
2dd59fe0e19e
media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg
|
|
WARNING in uvc_status_unregister
usb
media
|
-1 |
C |
done |
|
61256 |
203d |
310d
|
28/29 |
112d |
a67f75c2b5ec
media: uvcvideo: Fix deadlock during uvc_probe
|
|
WARNING in media_create_pad_link
usb
media
|
-1 |
C |
done |
done |
104 |
278d |
1930d
|
28/29 |
253d |
3dd075fe8ebb
media: uvcvideo: Require entities to have a non-zero unique ID
|
|
WARNING in __v4l2_ctrl_modify_dimensions
media
|
-1 |
C |
|
|
237 |
278d |
358d
|
28/29 |
253d |
9f070b1862f3
media: v4l2-core: v4l2-dv-timings: check cvt/gtf result
|
|
KASAN: use-after-free Read in __media_entity_remove_links
usb
media
|
19 |
C |
|
|
7 |
1982d |
2080d
|
25/29 |
601d |
68035c80e129
media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors
|
|
KASAN: slab-out-of-bounds Read in imon_probe
media
usb
|
17 |
syz |
|
|
2 |
709d |
731d
|
25/29 |
614d |
a1766a4fd83b
media: imon: fix access to invalid resource for the second interface
|
|
UBSAN: shift-out-of-bounds in set_flicker
usb
media
|
-1 |
syz |
|
|
5 |
660d |
740d
|
25/29 |
614d |
099be1822d1f
media: gspca: cpia1: shift-out-of-bounds in set_flicker
|
|
general protection fault in dma_fence_array_first
media
dri
|
2 |
C |
done |
|
7 |
1246d |
1246d
|
22/29 |
867d |
21d139d73f77
dma-buf/sync-file: fix logic error in new fence merge code
|
|
general protection fault in sg_alloc_append_table_from_pages
dri
media
|
11 |
C |
done |
|
477 |
947d |
1413d
|
22/29 |
914d |
2b6dd600dd72
udmabuf: validate ubuf->pagecount
|
|
KASAN: vmalloc-out-of-bounds Write in tpg_fill_plane_buffer (2)
media
|
23 |
C |
inconclusive |
done |
14 |
939d |
1451d
|
22/29 |
914d |
94a7ad928346
media: vivid: fix compose size exceed boundary
|
|
general protection fault in release_udmabuf
dri
media
|
8 |
C |
inconclusive |
|
31 |
1053d |
1104d
|
22/29 |
914d |
d9c04a1b7a15
udmabuf: Set ubuf->sg = NULL if the creation of sg table fails
|
|
KMSAN: kernel-infoleak in v4l2_compat_put_array_args
media
|
17 |
|
|
|
8 |
1012d |
1316d
|
22/29 |
914d |
4e768c8e34e6
media: v4l2-compat-ioctl32.c: zero buffer passed to v4l2_compat_get_array_args()
|
|
KASAN: use-after-free Read in si470x_int_in_callback (2)
usb
media
|
19 |
C |
error |
|
7303 |
982d |
2139d
|
22/29 |
914d |
7d21e0b1b41b
media: si470x: Fix use-after-free in si470x_int_in_callback()
|
|
memory leak in airspy_probe
media
usb
|
3 |
C |
|
|
1 |
1116d |
1112d
|
22/29 |
914d |
23bc5eb55f8c
media: airspy: fix memory leak in airspy probe
|
|
memory leak in dvb_usb_device_init
media
usb
|
3 |
syz |
|
|
1 |
1020d |
1190d
|
22/29 |
914d |
94d90fb06b94
media: dvb-usb: fix memory leak in dvb_usb_adapter_init()
|
|
linux-next boot error: WARNING: refcount bug in dvb_register_device
media
|
-1 |
|
|
|
42 |
994d |
1002d
|
22/29 |
914d |
3a664569b71b
media: dvbdev: fix refcnt bug
|
|
KMSAN: uninit-value in dvb_usb_adapter_dvb_init (2)
media
usb
|
7 |
C |
|
|
34 |
1527d |
1743d
|
20/29 |
1259d |
c5453769f77c
media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init
899a61a3305d
media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte()
|
|
KMSAN: uninit-value in legacy_dvb_usb_read_remote_control
media
usb
|
7 |
C |
|
|
186 |
1377d |
1718d
|
20/29 |
1267d |
afae4ef7d5ad
media: dvb-usb: fix ununit-value in az6027_rc_query
|
|
INFO: trying to register non-static key in mxl111sf_ctrl_msg
usb
media
|
-1 |
C |
|
|
73 |
2222d |
2326d
|
20/29 |
1267d |
44870a9e7a3c
media: mxl111sf: change mutex_init() location
|
|
BUG: corrupted list in em28xx_init_extension
usb
media
|
8 |
C |
error |
|
18 |
1498d |
2042d
|
20/29 |
1267d |
2c98b8a3458d
media: em28xx: add missing em28xx_close_extension
|
|
KMSAN: uninit-value in number (3)
media
|
7 |
C |
|
|
8575 |
1386d |
1629d
|
20/29 |
1386d |
eaaea4681984
media: gspca/sq905.c: fix uninitialized variable
|
|
memory leak in zr364xx_start_readpipe
media
usb
|
3 |
C |
|
|
2 |
1535d |
1562d
|
20/29 |
1386d |
0a045eac8d04
media: zr364xx: fix memory leak in zr364xx_start_readpipe
|
|
KMSAN: uninit-value in video_usercopy (2)
media
|
7 |
|
|
|
13058 |
1432d |
1624d
|
20/29 |
1386d |
c344f07aa1b4
media: v4l2-core: ignore native time32 ioctls on 64-bit
|
|
memory leak in hdcs_probe_1020
media
usb
|
3 |
C |
|
|
1 |
1613d |
1609d
|
20/29 |
1386d |
4f4e6644cd87
media: gscpa/stv06xx: fix memory leak
|
|
memory leak in dvb_create_media_graph
usb
media
|
3 |
C |
|
|
26 |
1591d |
1749d
|
20/29 |
1386d |
bf9a40ae8d72
media: dvbdev: Fix memory leak in dvb_media_device_free()
|
|
memory leak in hdcs_probe_1x00
media
usb
|
3 |
C |
|
|
1 |
1642d |
1642d
|
20/29 |
1386d |
4f4e6644cd87
media: gscpa/stv06xx: fix memory leak
|
|
memory leak in em28xx_dvb_init
media
usb
|
3 |
C |
|
|
1 |
1624d |
1624d
|
20/29 |
1386d |
0ae10a7dc899
media: em28xx: fix memory leak
|
|
memory leak in cinergyt2_fe_attach
usb
media
|
3 |
C |
|
|
3 |
1690d |
1748d
|
20/29 |
1386d |
9ad1efee086e
media: dvd_usb: memory leak in cinergyt2_fe_attach
|
|
general protection fault in udmabuf_create
dri
media
|
2 |
C |
done |
|
2 |
1480d |
1477d
|
20/29 |
1386d |
b9770b0b6eac
udmabuf: fix general protection fault in udmabuf_create
|
|
WARNING: zero-size vmalloc in dvb_dmx_init
media
usb
|
-1 |
C |
|
|
62 |
1508d |
1572d
|
20/29 |
1386d |
c680ed46e418
media: dvb-usb: fix wrong definition
|
|
WARNING in __vmalloc_node_range
usb
media
|
-1 |
C |
|
|
7 |
1572d |
1573d
|
20/29 |
1386d |
c680ed46e418
media: dvb-usb: fix wrong definition
|
|
memory leak in usb_urb_init
media
usb
|
3 |
C |
|
|
1 |
1699d |
1695d
|
20/29 |
1386d |
b7cd0da982e3
media: dvb-usb: fix memory leak in dvb_usb_adapter_init
|
|
memory leak in v4l2_ctrl_handler_init_class
usb
media
|
3 |
C |
|
|
12 |
1590d |
1643d
|
20/29 |
1386d |
9c39be40c015
media: drivers/media/usb: fix memory leak in zr364xx_probe
|
|
UBSAN: shift-out-of-bounds in mceusb_dev_printdata
media
usb
|
-1 |
C |
error |
|
331 |
1646d |
1714d
|
20/29 |
1600d |
9dec0f48a75e
media: mceusb: sanity check for prescaler value
|
|
UBSAN: shift-out-of-bounds in std_validate
media
|
-1 |
C |
unreliable |
|
2 |
1680d |
1680d
|
20/29 |
1600d |
048c96e28674
media: v4l2-ctrls.c: fix shift-out-of-bounds in std_validate
|
|
memory leak in zr364xx_probe
usb
media
|
3 |
C |
|
|
6 |
1654d |
1707d
|
20/29 |
1600d |
ea354b6ddd6f
media: zr364xx: fix memory leaks in probe()
|
|
UBSAN: shift-out-of-bounds in mceusb_dev_recv
media
usb
|
-1 |
C |
|
|
13 |
1647d |
1711d
|
20/29 |
1600d |
1b43bad31fb0
media: mceusb: Fix potential out-of-bounds shift
|
|
memory leak in video_usercopy
media
|
3 |
C |
|
|
19 |
1648d |
1711d
|
20/29 |
1600d |
fb18802a338b
media: v4l: ioctl: Fix memory leak in video_usercopy
|
|
kernel BUG at drivers/dma-buf/dma-buf.c:LINE!
dri
media
|
-1 |
syz |
error |
done |
11 |
1748d |
1998d
|
19/29 |
1631d |
e722a295cf49
staging: ion: remove from the tree
|
|
KASAN: global-out-of-bounds Read in precalculate_color
media
|
17 |
C |
done |
done |
170 |
1805d |
2098d
|
15/29 |
1744d |
e3158a5e7e66
media: vivid: Fix global-out-of-bounds read in precalculate_color()
|
|
UBSAN: array-index-out-of-bounds in precalculate_color
media
|
15 |
C |
|
|
153 |
1779d |
1804d
|
15/29 |
1744d |
e3158a5e7e66
media: vivid: Fix global-out-of-bounds read in precalculate_color()
|
|
WARNING in ati_remote_sendpacket/usb_submit_urb
usb
media
|
-1 |
C |
|
|
22 |
1915d |
2226d
|
15/29 |
1744d |
a8be80053ea7
media: ati_remote: sanity check for both endpoints
|
|
KASAN: use-after-free Read in rc_dev_uevent
media
|
19 |
|
|
|
1 |
1845d |
1845d
|
15/29 |
1797d |
4f0835d6677d
media: rc: uevent sysfs file races with rc_unregister_device()
|
|
KMSAN: uninit-value in video_usercopy
media
|
7 |
C |
|
|
28 |
1862d |
1861d
|
15/29 |
1797d |
4ffb879ea648
media: media/v4l2-core: Fix kernel-infoleak in video_put_user()
|
|
KASAN: null-ptr-deref Write in media_request_close
media
|
12 |
C |
done |
|
17 |
1847d |
1896d
|
15/29 |
1805d |
e30cc79cc80f
media: media-request: Fix crash if memory allocation fails
|
|
general protection fault in go7007_usb_probe
usb
media
|
2 |
C |
|
|
2103 |
1844d |
1953d
|
15/29 |
1805d |
137641287eb4
go7007: add sanity checking for endpoints
|
|
KASAN: use-after-free Read in dmabuffs_dname
dri
media
|
19 |
|
|
|
1 |
2002d |
1998d
|
15/29 |
1852d |
4ab59c3c638c
dma-buf: Move dma_buf_release() from fops to dentry_ops
|
|
WARNING in flexcop_usb_probe/usb_submit_urb
usb
media
|
-1 |
C |
|
|
4 |
2160d |
2197d
|
15/29 |
1994d |
1b976fc6d684
media: b2c2-flexcop-usb: add sanity checking
|
|
KASAN: user-memory-access Write in video_usercopy
media
|
23 |
|
|
|
3 |
2056d |
2057d
|
15/29 |
2016d |
1dc8b65c944e
media: v4l2-core: only zero-out ioctl-read buffers
|
|
KMSAN: uninit-value in sd_init (2)
media
usb
|
7 |
C |
|
|
94 |
2122d |
2118d
|
15/29 |
2016d |
de89d0864f66
media: gspca: zero usb_buf
|
|
KMSAN: uninit-value in digitv_rc_query
media
usb
|
7 |
C |
|
|
4 |
2135d |
2118d
|
15/29 |
2016d |
eecc70d22ae5
media: digitv: don't continue if remote control state can't be read
569bc8d6a6a5
media: dvb-usb/dvb-usb-urb.c: initialize actlen to 0
|
|
KMSAN: uninit-value in number
media
usb
|
7 |
C |
|
|
190 |
2020d |
2118d
|
15/29 |
2016d |
51d0c99b391f
media: af9005: uninitialized variable printked
|
|
KMSAN: uninit-value in i2c_w (2)
media
usb
|
7 |
C |
|
|
3 |
2129d |
2118d
|
15/29 |
2016d |
de89d0864f66
media: gspca: zero usb_buf
|
|
KMSAN: uninit-value in read_sensor_register (2)
media
usb
|
7 |
C |
|
|
44 |
2123d |
2141d
|
15/29 |
2016d |
de89d0864f66
media: gspca: zero usb_buf
|
|
WARNING in uvc_scan_chain_forward
usb
media
|
-1 |
C |
|
|
6 |
2056d |
2080d
|
15/29 |
2016d |
68035c80e129
media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors
|
|
KMSAN: uninit-value in dvb_usb_adapter_dvb_init
media
|
7 |
|
|
|
1 |
2126d |
2118d
|
15/29 |
2016d |
26cff637121d
media: vp7045: do not read uninitialized values if usb transfer fails
|
|
KASAN: null-ptr-deref Read in refcount_sub_and_test_checked (2)
media
|
11 |
C |
inconclusive |
done |
916 |
2276d |
2477d
|
15/29 |
2016d |
62dcb4f41836
media: vb2: check memory model for VIDIOC_CREATE_BUFS
|
|
general protection fault in flexcop_usb_probe
usb
media
|
2 |
C |
|
|
403 |
2098d |
2328d
|
15/29 |
2084d |
1b976fc6d684
media: b2c2-flexcop-usb: add sanity checking
|
|
kernel BUG at kernel/time/timer.c:LINE! (4)
media
usb
|
-1 |
syz |
|
|
1 |
2153d |
2150d
|
15/29 |
2084d |
f3f5ba42c58d
media: imon: invalid dereference in imon_touch_event
|
|
INFO: trying to register non-static key in ida_destroy
usb
media
|
-1 |
C |
|
|
4272 |
2097d |
2220d
|
15/29 |
2084d |
8c279e9394ca
media: uvcvideo: Fix error path in control parsing failure
|
|
general protection fault in vb2_mmap
media
|
2 |
C |
inconclusive |
done |
21 |
2436d |
2481d
|
13/29 |
2115d |
cd26d1c4d1bc
media: vb2: vb2_mmap: move lock up
|
|
WARNING in dma_buf_vunmap
dri
media
|
-1 |
C |
done |
done |
17 |
2440d |
2479d
|
13/29 |
2115d |
62dcb4f41836
media: vb2: check memory model for VIDIOC_CREATE_BUFS
|
|
KASAN: use-after-free Write in __vb2_cleanup_fileio
media
|
24 |
C |
done |
inconclusive |
2 |
2490d |
2493d
|
13/29 |
2119d |
d65842f7126a
media: vb2: add waiting_in_dqbuf flag
|
|
WARNING in em28xx_usb_disconnect
usb
media
|
-1 |
C |
|
|
8 |
2176d |
2209d
|
13/29 |
2142d |
46e4a26615cc
media: em28xx: modules workqueue not inited for 2nd device
|
|
KASAN: use-after-free Read in si470x_int_in_callback
usb
media
|
19 |
C |
|
|
25 |
2151d |
2240d
|
13/29 |
2142d |
0d616f2a3fdb
media: radio/si470x: kill urb on error
|
|
KMSAN: uninit-value in read_sensor_register
media
usb
|
7 |
C |
|
|
25 |
2142d |
2272d
|
13/29 |
2142d |
4843a543fad3
media: gspca: zero usb_buf on error
|
|
KASAN: slab-out-of-bounds Read in hdpvr_probe
usb
media
|
17 |
C |
|
|
10 |
2178d |
2254d
|
13/29 |
2142d |
8b8900b729e4
media: hdpvr: add terminating 0 at end of string
|
|
KASAN: slab-out-of-bounds Read in technisat_usb2_rc_query
usb
media
|
17 |
C |
|
|
2236 |
2188d |
2326d
|
13/29 |
2142d |
0c4df39e504b
media: technisat-usb2: break out of loop at end of buffer
|
|
KASAN: global-out-of-bounds Read in dvb_pll_attach
media
usb
|
17 |
C |
|
|
2 |
2179d |
2239d
|
13/29 |
2142d |
c268e7adea52
media: dvb-frontends: use ida for pll number
|
|
KASAN: global-out-of-bounds Read in hdpvr_probe
usb
media
|
17 |
C |
|
|
15 |
2195d |
2308d
|
13/29 |
2142d |
d4a6a9537bc3
media: hdpvr: Add device num check and handling
|
|
KMSAN: uninit-value in i2c_w
usb
media
|
7 |
C |
|
|
2 |
2276d |
2275d
|
13/29 |
2142d |
4843a543fad3
media: gspca: zero usb_buf on error
|
|
KMSAN: uninit-value in sd_init
usb
media
|
7 |
C |
|
|
122 |
2142d |
2275d
|
13/29 |
2142d |
4843a543fad3
media: gspca: zero usb_buf on error
|
|
WARNING in iguanair_probe/usb_submit_urb
media
usb
|
-1 |
C |
|
|
3 |
2173d |
2223d
|
13/29 |
2142d |
ab1cbdf159be
media: iguanair: add sanity checks
|
|
KASAN: use-after-free Read in cpia2_usb_disconnect
usb
media
|
19 |
C |
|
|
3 |
2240d |
2324d
|
12/29 |
2213d |
eff73de2b160
media: cpia2_usb: first wake up, then free in disconnect
|
|
KASAN: slab-out-of-bounds Read in au0828_rc_unregister (2)
media
|
17 |
|
|
|
11 |
2284d |
2295d
|
12/29 |
2213d |
6d0d1ff9ff21
media: au0828: fix null dereference in error path
|
|
KASAN: null-ptr-deref Read in zr364xx_vidioc_querycap
usb
media
|
11 |
C |
|
|
76 |
2220d |
2311d
|
12/29 |
2213d |
5d2e73a5f80a
media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap
|
|
KASAN: use-after-free Read in v4l2_release
usb
media
|
19 |
C |
|
|
275 |
2221d |
2325d
|
12/29 |
2213d |
c666355e60dd
media: radio-raremono: change devm_k*alloc to k*alloc
|
|
general protection fault in smsusb_init_device
media
usb
|
2 |
C |
|
|
23 |
2283d |
2322d
|
12/29 |
2259d |
31e0456de5be
media: usb: siano: Fix general protection fault in smsusb
|
|
kernel BUG at arch/x86/mm/physaddr.c:LINE! (2)
media
|
-1 |
C |
done |
|
522 |
2265d |
2475d
|
12/29 |
2265d |
dad7e270ba71
media: vivid: use vfree() instead of kfree() for dev->bitmap_cap
|
|
WARNING in get_q_data
media
|
-1 |
C |
|
|
649 |
2391d |
2401d
|
11/29 |
2343d |
db9a01b32ca9
media: vicodec: check type in g/s_selection
|
|
KMSAN: kernel-infoleak in video_usercopy
media
|
9 |
C |
|
|
410 |
2344d |
2443d
|
11/29 |
2343d |
f45f3f753b0a
media: v4l2-ctrls.c/uvc: zero v4l2_event
|
|
general protection fault in __vb2_queue_free
media
|
2 |
C |
|
|
38 |
2436d |
2492d
|
11/29 |
2420d |
62dcb4f41836
media: vb2: check memory model for VIDIOC_CREATE_BUFS
|
|
INFO: task hung in flush_workqueue
media
|
1 |
C |
|
|
293 |
2439d |
2490d
|
11/29 |
2420d |
52117be68b82
media: vim2m: use cancel_delayed_work_sync instead of flush_schedule_work
|
|
KASAN: null-ptr-deref Write in kthread_stop
media
|
12 |
C |
|
|
2527 |
2436d |
2493d
|
11/29 |
2420d |
701f49bc028e
media: vivid: fix error handling of kthread_run
|
|
divide error in vivid_vid_cap_s_dv_timings
media
|
2 |
C |
|
|
108 |
2436d |
2493d
|
11/29 |
2420d |
9729d6d282a6
media: vivid: set min width/height to a value > 0
|
|
KASAN: use-after-free Read in vb2_mmap
media
|
19 |
C |
|
|
276 |
2436d |
2492d
|
11/29 |
2420d |
cd26d1c4d1bc
media: vb2: vb2_mmap: move lock up
|
|
BUG: pagefault on kernel address ADDR in non-whitelisted uaccess
media
|
-1 |
C |
|
|
17 |
2444d |
2490d
|
11/29 |
2420d |
560ccb75c2ca
media: vivid: free bitmap_cap when updating std/timings/etc.
|
|
KASAN: global-out-of-bounds Read in tpg_print_str_4
media
|
17 |
C |
|
|
52 |
2458d |
2483d
|
11/29 |
2420d |
e5f71a27fa12
media: v4l2-tpg: array index could become negative
|
|
KASAN: null-ptr-deref Read in refcount_sub_and_test_checked
media
|
11 |
C |
|
|
31 |
2486d |
2517d
|
11/29 |
2479d |
fda21d46cce2
ipv6: do not leave garbage in rt->fib6_metrics
|