|
KMSAN: uninit-value in cxusb_i2c_xfer
media
|
7 |
C |
|
|
556 |
87d |
139d
|
29/29 |
46d |
73fb3b92da84
media: cxusb: no longer judge rbuf when the write fails
|
|
KASAN: vmalloc-out-of-bounds Write in tpg_fill_plane_buffer (3)
media
|
23 |
C |
|
|
271 |
47d |
401d
|
29/29 |
46d |
f83ac8d30c43
media: vivid: Change the siize of the composing
|
|
KASAN: slab-use-after-free Read in vidtv_mux_init
media
|
19 |
syz |
|
|
5 |
119d |
165d
|
29/29 |
46d |
1d5f88f05348
media: vidtv: Terminating the subsequent process of initialization failure
|
|
general protection fault in ir_raw_event_store_with_filter
usb
media
|
24 |
C |
error |
|
879 |
193d |
1990d
|
28/29 |
73d |
f656cfbc7a29
media: streamzap: fix race between device disconnection and urb callback
|
|
WARNING in call_s_stream
media
|
-1 |
C |
|
|
83 |
154d |
513d
|
28/29 |
73d |
36cef585e2a3
media: vimc: skip .s_stream() for stopped entities
|
|
WARNING in iguanair_probe/usb_submit_urb (2)
media
|
-1 |
C |
done |
|
18 |
208d |
330d
|
28/29 |
108d |
b98d5000c505
media: rc: iguanair: handle timeouts
|
|
general protection fault in vidtv_mux_stop_thread
media
|
2 |
C |
|
|
9 |
209d |
236d
|
28/29 |
108d |
1221989555db
media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread
|
|
KMSAN: uninit-value in dib3000mb_attach (2)
usb
media
|
7 |
C |
|
|
4873 |
243d |
1764d
|
28/29 |
108d |
2dd59fe0e19e
media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg
|
|
WARNING in uvc_status_unregister
usb
media
|
-1 |
C |
done |
|
61256 |
199d |
306d
|
28/29 |
108d |
a67f75c2b5ec
media: uvcvideo: Fix deadlock during uvc_probe
|
|
WARNING in media_create_pad_link
usb
media
|
-1 |
C |
done |
done |
104 |
274d |
1926d
|
28/29 |
249d |
3dd075fe8ebb
media: uvcvideo: Require entities to have a non-zero unique ID
|
|
WARNING in __v4l2_ctrl_modify_dimensions
media
|
-1 |
C |
|
|
237 |
274d |
354d
|
28/29 |
249d |
9f070b1862f3
media: v4l2-core: v4l2-dv-timings: check cvt/gtf result
|
|
KASAN: use-after-free Read in __media_entity_remove_links
usb
media
|
19 |
C |
|
|
7 |
1978d |
2076d
|
25/29 |
597d |
68035c80e129
media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors
|
|
KASAN: slab-out-of-bounds Read in imon_probe
media
usb
|
17 |
syz |
|
|
2 |
705d |
727d
|
25/29 |
610d |
a1766a4fd83b
media: imon: fix access to invalid resource for the second interface
|
|
UBSAN: shift-out-of-bounds in set_flicker
usb
media
|
-1 |
syz |
|
|
5 |
656d |
736d
|
25/29 |
610d |
099be1822d1f
media: gspca: cpia1: shift-out-of-bounds in set_flicker
|
|
general protection fault in dma_fence_array_first
media
dri
|
2 |
C |
done |
|
7 |
1242d |
1242d
|
22/29 |
863d |
21d139d73f77
dma-buf/sync-file: fix logic error in new fence merge code
|
|
general protection fault in sg_alloc_append_table_from_pages
dri
media
|
11 |
C |
done |
|
477 |
942d |
1409d
|
22/29 |
910d |
2b6dd600dd72
udmabuf: validate ubuf->pagecount
|
|
KASAN: vmalloc-out-of-bounds Write in tpg_fill_plane_buffer (2)
media
|
23 |
C |
inconclusive |
done |
14 |
935d |
1447d
|
22/29 |
910d |
94a7ad928346
media: vivid: fix compose size exceed boundary
|
|
general protection fault in release_udmabuf
dri
media
|
8 |
C |
inconclusive |
|
31 |
1049d |
1100d
|
22/29 |
910d |
d9c04a1b7a15
udmabuf: Set ubuf->sg = NULL if the creation of sg table fails
|
|
KMSAN: kernel-infoleak in v4l2_compat_put_array_args
media
|
17 |
|
|
|
8 |
1008d |
1312d
|
22/29 |
910d |
4e768c8e34e6
media: v4l2-compat-ioctl32.c: zero buffer passed to v4l2_compat_get_array_args()
|
|
KASAN: use-after-free Read in si470x_int_in_callback (2)
usb
media
|
19 |
C |
error |
|
7303 |
978d |
2135d
|
22/29 |
910d |
7d21e0b1b41b
media: si470x: Fix use-after-free in si470x_int_in_callback()
|
|
memory leak in airspy_probe
media
usb
|
3 |
C |
|
|
1 |
1111d |
1107d
|
22/29 |
910d |
23bc5eb55f8c
media: airspy: fix memory leak in airspy probe
|
|
memory leak in dvb_usb_device_init
media
usb
|
3 |
syz |
|
|
1 |
1016d |
1186d
|
22/29 |
910d |
94d90fb06b94
media: dvb-usb: fix memory leak in dvb_usb_adapter_init()
|
|
linux-next boot error: WARNING: refcount bug in dvb_register_device
media
|
-1 |
|
|
|
42 |
990d |
998d
|
22/29 |
910d |
3a664569b71b
media: dvbdev: fix refcnt bug
|
|
KMSAN: uninit-value in dvb_usb_adapter_dvb_init (2)
media
usb
|
7 |
C |
|
|
34 |
1523d |
1739d
|
20/29 |
1255d |
c5453769f77c
media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init
899a61a3305d
media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte()
|
|
KMSAN: uninit-value in legacy_dvb_usb_read_remote_control
media
usb
|
7 |
C |
|
|
186 |
1373d |
1714d
|
20/29 |
1263d |
afae4ef7d5ad
media: dvb-usb: fix ununit-value in az6027_rc_query
|
|
INFO: trying to register non-static key in mxl111sf_ctrl_msg
usb
media
|
-1 |
C |
|
|
73 |
2218d |
2322d
|
20/29 |
1263d |
44870a9e7a3c
media: mxl111sf: change mutex_init() location
|
|
BUG: corrupted list in em28xx_init_extension
usb
media
|
8 |
C |
error |
|
18 |
1494d |
2038d
|
20/29 |
1263d |
2c98b8a3458d
media: em28xx: add missing em28xx_close_extension
|
|
KMSAN: uninit-value in number (3)
media
|
7 |
C |
|
|
8575 |
1382d |
1625d
|
20/29 |
1382d |
eaaea4681984
media: gspca/sq905.c: fix uninitialized variable
|
|
memory leak in zr364xx_start_readpipe
media
usb
|
3 |
C |
|
|
2 |
1531d |
1558d
|
20/29 |
1382d |
0a045eac8d04
media: zr364xx: fix memory leak in zr364xx_start_readpipe
|
|
KMSAN: uninit-value in video_usercopy (2)
media
|
7 |
|
|
|
13058 |
1428d |
1620d
|
20/29 |
1382d |
c344f07aa1b4
media: v4l2-core: ignore native time32 ioctls on 64-bit
|
|
memory leak in hdcs_probe_1020
media
usb
|
3 |
C |
|
|
1 |
1609d |
1605d
|
20/29 |
1382d |
4f4e6644cd87
media: gscpa/stv06xx: fix memory leak
|
|
memory leak in dvb_create_media_graph
usb
media
|
3 |
C |
|
|
26 |
1587d |
1745d
|
20/29 |
1382d |
bf9a40ae8d72
media: dvbdev: Fix memory leak in dvb_media_device_free()
|
|
memory leak in hdcs_probe_1x00
media
usb
|
3 |
C |
|
|
1 |
1638d |
1638d
|
20/29 |
1382d |
4f4e6644cd87
media: gscpa/stv06xx: fix memory leak
|
|
memory leak in em28xx_dvb_init
media
usb
|
3 |
C |
|
|
1 |
1620d |
1620d
|
20/29 |
1382d |
0ae10a7dc899
media: em28xx: fix memory leak
|
|
memory leak in cinergyt2_fe_attach
usb
media
|
3 |
C |
|
|
3 |
1686d |
1744d
|
20/29 |
1382d |
9ad1efee086e
media: dvd_usb: memory leak in cinergyt2_fe_attach
|
|
general protection fault in udmabuf_create
dri
media
|
2 |
C |
done |
|
2 |
1476d |
1473d
|
20/29 |
1382d |
b9770b0b6eac
udmabuf: fix general protection fault in udmabuf_create
|
|
WARNING: zero-size vmalloc in dvb_dmx_init
media
usb
|
-1 |
C |
|
|
62 |
1504d |
1567d
|
20/29 |
1382d |
c680ed46e418
media: dvb-usb: fix wrong definition
|
|
WARNING in __vmalloc_node_range
usb
media
|
-1 |
C |
|
|
7 |
1568d |
1569d
|
20/29 |
1382d |
c680ed46e418
media: dvb-usb: fix wrong definition
|
|
memory leak in usb_urb_init
media
usb
|
3 |
C |
|
|
1 |
1694d |
1690d
|
20/29 |
1382d |
b7cd0da982e3
media: dvb-usb: fix memory leak in dvb_usb_adapter_init
|
|
memory leak in v4l2_ctrl_handler_init_class
usb
media
|
3 |
C |
|
|
12 |
1586d |
1639d
|
20/29 |
1382d |
9c39be40c015
media: drivers/media/usb: fix memory leak in zr364xx_probe
|
|
UBSAN: shift-out-of-bounds in mceusb_dev_printdata
media
usb
|
-1 |
C |
error |
|
331 |
1642d |
1710d
|
20/29 |
1596d |
9dec0f48a75e
media: mceusb: sanity check for prescaler value
|
|
UBSAN: shift-out-of-bounds in std_validate
media
|
-1 |
C |
unreliable |
|
2 |
1676d |
1676d
|
20/29 |
1596d |
048c96e28674
media: v4l2-ctrls.c: fix shift-out-of-bounds in std_validate
|
|
memory leak in zr364xx_probe
usb
media
|
3 |
C |
|
|
6 |
1650d |
1703d
|
20/29 |
1596d |
ea354b6ddd6f
media: zr364xx: fix memory leaks in probe()
|
|
UBSAN: shift-out-of-bounds in mceusb_dev_recv
media
usb
|
-1 |
C |
|
|
13 |
1642d |
1707d
|
20/29 |
1596d |
1b43bad31fb0
media: mceusb: Fix potential out-of-bounds shift
|
|
memory leak in video_usercopy
media
|
3 |
C |
|
|
19 |
1644d |
1707d
|
20/29 |
1596d |
fb18802a338b
media: v4l: ioctl: Fix memory leak in video_usercopy
|
|
kernel BUG at drivers/dma-buf/dma-buf.c:LINE!
dri
media
|
-1 |
syz |
error |
done |
11 |
1744d |
1994d
|
19/29 |
1626d |
e722a295cf49
staging: ion: remove from the tree
|
|
KASAN: global-out-of-bounds Read in precalculate_color
media
|
17 |
C |
done |
done |
170 |
1801d |
2094d
|
15/29 |
1740d |
e3158a5e7e66
media: vivid: Fix global-out-of-bounds read in precalculate_color()
|
|
UBSAN: array-index-out-of-bounds in precalculate_color
media
|
15 |
C |
|
|
153 |
1775d |
1800d
|
15/29 |
1740d |
e3158a5e7e66
media: vivid: Fix global-out-of-bounds read in precalculate_color()
|
|
WARNING in ati_remote_sendpacket/usb_submit_urb
usb
media
|
-1 |
C |
|
|
22 |
1911d |
2222d
|
15/29 |
1740d |
a8be80053ea7
media: ati_remote: sanity check for both endpoints
|
|
KASAN: use-after-free Read in rc_dev_uevent
media
|
19 |
|
|
|
1 |
1841d |
1841d
|
15/29 |
1793d |
4f0835d6677d
media: rc: uevent sysfs file races with rc_unregister_device()
|
|
KMSAN: uninit-value in video_usercopy
media
|
7 |
C |
|
|
28 |
1858d |
1857d
|
15/29 |
1793d |
4ffb879ea648
media: media/v4l2-core: Fix kernel-infoleak in video_put_user()
|
|
KASAN: null-ptr-deref Write in media_request_close
media
|
12 |
C |
done |
|
17 |
1843d |
1892d
|
15/29 |
1801d |
e30cc79cc80f
media: media-request: Fix crash if memory allocation fails
|
|
general protection fault in go7007_usb_probe
usb
media
|
2 |
C |
|
|
2103 |
1840d |
1949d
|
15/29 |
1801d |
137641287eb4
go7007: add sanity checking for endpoints
|
|
KASAN: use-after-free Read in dmabuffs_dname
dri
media
|
19 |
|
|
|
1 |
1998d |
1994d
|
15/29 |
1848d |
4ab59c3c638c
dma-buf: Move dma_buf_release() from fops to dentry_ops
|
|
WARNING in flexcop_usb_probe/usb_submit_urb
usb
media
|
-1 |
C |
|
|
4 |
2156d |
2193d
|
15/29 |
1990d |
1b976fc6d684
media: b2c2-flexcop-usb: add sanity checking
|
|
KASAN: user-memory-access Write in video_usercopy
media
|
23 |
|
|
|
3 |
2052d |
2053d
|
15/29 |
2012d |
1dc8b65c944e
media: v4l2-core: only zero-out ioctl-read buffers
|
|
KMSAN: uninit-value in sd_init (2)
media
usb
|
7 |
C |
|
|
94 |
2118d |
2114d
|
15/29 |
2012d |
de89d0864f66
media: gspca: zero usb_buf
|
|
KMSAN: uninit-value in digitv_rc_query
media
usb
|
7 |
C |
|
|
4 |
2130d |
2114d
|
15/29 |
2012d |
eecc70d22ae5
media: digitv: don't continue if remote control state can't be read
569bc8d6a6a5
media: dvb-usb/dvb-usb-urb.c: initialize actlen to 0
|
|
KMSAN: uninit-value in number
media
usb
|
7 |
C |
|
|
190 |
2016d |
2114d
|
15/29 |
2012d |
51d0c99b391f
media: af9005: uninitialized variable printked
|
|
KMSAN: uninit-value in i2c_w (2)
media
usb
|
7 |
C |
|
|
3 |
2125d |
2114d
|
15/29 |
2012d |
de89d0864f66
media: gspca: zero usb_buf
|
|
KMSAN: uninit-value in read_sensor_register (2)
media
usb
|
7 |
C |
|
|
44 |
2119d |
2136d
|
15/29 |
2012d |
de89d0864f66
media: gspca: zero usb_buf
|
|
WARNING in uvc_scan_chain_forward
usb
media
|
-1 |
C |
|
|
6 |
2052d |
2076d
|
15/29 |
2012d |
68035c80e129
media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors
|
|
KMSAN: uninit-value in dvb_usb_adapter_dvb_init
media
|
7 |
|
|
|
1 |
2121d |
2114d
|
15/29 |
2012d |
26cff637121d
media: vp7045: do not read uninitialized values if usb transfer fails
|
|
KASAN: null-ptr-deref Read in refcount_sub_and_test_checked (2)
media
|
11 |
C |
inconclusive |
done |
916 |
2272d |
2473d
|
15/29 |
2012d |
62dcb4f41836
media: vb2: check memory model for VIDIOC_CREATE_BUFS
|
|
general protection fault in flexcop_usb_probe
usb
media
|
2 |
C |
|
|
403 |
2093d |
2324d
|
15/29 |
2080d |
1b976fc6d684
media: b2c2-flexcop-usb: add sanity checking
|
|
kernel BUG at kernel/time/timer.c:LINE! (4)
media
usb
|
-1 |
syz |
|
|
1 |
2149d |
2146d
|
15/29 |
2080d |
f3f5ba42c58d
media: imon: invalid dereference in imon_touch_event
|
|
INFO: trying to register non-static key in ida_destroy
usb
media
|
-1 |
C |
|
|
4272 |
2093d |
2216d
|
15/29 |
2080d |
8c279e9394ca
media: uvcvideo: Fix error path in control parsing failure
|
|
general protection fault in vb2_mmap
media
|
2 |
C |
inconclusive |
done |
21 |
2432d |
2476d
|
13/29 |
2111d |
cd26d1c4d1bc
media: vb2: vb2_mmap: move lock up
|
|
WARNING in dma_buf_vunmap
dri
media
|
-1 |
C |
done |
done |
17 |
2436d |
2475d
|
13/29 |
2111d |
62dcb4f41836
media: vb2: check memory model for VIDIOC_CREATE_BUFS
|
|
KASAN: use-after-free Write in __vb2_cleanup_fileio
media
|
24 |
C |
done |
inconclusive |
2 |
2486d |
2489d
|
13/29 |
2115d |
d65842f7126a
media: vb2: add waiting_in_dqbuf flag
|
|
WARNING in em28xx_usb_disconnect
usb
media
|
-1 |
C |
|
|
8 |
2172d |
2205d
|
13/29 |
2138d |
46e4a26615cc
media: em28xx: modules workqueue not inited for 2nd device
|
|
KASAN: use-after-free Read in si470x_int_in_callback
usb
media
|
19 |
C |
|
|
25 |
2147d |
2236d
|
13/29 |
2138d |
0d616f2a3fdb
media: radio/si470x: kill urb on error
|
|
KMSAN: uninit-value in read_sensor_register
media
usb
|
7 |
C |
|
|
25 |
2138d |
2268d
|
13/29 |
2138d |
4843a543fad3
media: gspca: zero usb_buf on error
|
|
KASAN: slab-out-of-bounds Read in hdpvr_probe
usb
media
|
17 |
C |
|
|
10 |
2174d |
2250d
|
13/29 |
2138d |
8b8900b729e4
media: hdpvr: add terminating 0 at end of string
|
|
KASAN: slab-out-of-bounds Read in technisat_usb2_rc_query
usb
media
|
17 |
C |
|
|
2236 |
2184d |
2322d
|
13/29 |
2138d |
0c4df39e504b
media: technisat-usb2: break out of loop at end of buffer
|
|
KASAN: global-out-of-bounds Read in dvb_pll_attach
media
usb
|
17 |
C |
|
|
2 |
2175d |
2235d
|
13/29 |
2138d |
c268e7adea52
media: dvb-frontends: use ida for pll number
|
|
KASAN: global-out-of-bounds Read in hdpvr_probe
usb
media
|
17 |
C |
|
|
15 |
2191d |
2304d
|
13/29 |
2138d |
d4a6a9537bc3
media: hdpvr: Add device num check and handling
|
|
KMSAN: uninit-value in i2c_w
usb
media
|
7 |
C |
|
|
2 |
2271d |
2271d
|
13/29 |
2138d |
4843a543fad3
media: gspca: zero usb_buf on error
|
|
KMSAN: uninit-value in sd_init
usb
media
|
7 |
C |
|
|
122 |
2138d |
2271d
|
13/29 |
2138d |
4843a543fad3
media: gspca: zero usb_buf on error
|
|
WARNING in iguanair_probe/usb_submit_urb
media
usb
|
-1 |
C |
|
|
3 |
2169d |
2219d
|
13/29 |
2138d |
ab1cbdf159be
media: iguanair: add sanity checks
|
|
KASAN: use-after-free Read in cpia2_usb_disconnect
usb
media
|
19 |
C |
|
|
3 |
2236d |
2320d
|
12/29 |
2209d |
eff73de2b160
media: cpia2_usb: first wake up, then free in disconnect
|
|
KASAN: slab-out-of-bounds Read in au0828_rc_unregister (2)
media
|
17 |
|
|
|
11 |
2280d |
2291d
|
12/29 |
2209d |
6d0d1ff9ff21
media: au0828: fix null dereference in error path
|
|
KASAN: null-ptr-deref Read in zr364xx_vidioc_querycap
usb
media
|
11 |
C |
|
|
76 |
2216d |
2307d
|
12/29 |
2209d |
5d2e73a5f80a
media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap
|
|
KASAN: use-after-free Read in v4l2_release
usb
media
|
19 |
C |
|
|
275 |
2217d |
2321d
|
12/29 |
2209d |
c666355e60dd
media: radio-raremono: change devm_k*alloc to k*alloc
|
|
general protection fault in smsusb_init_device
media
usb
|
2 |
C |
|
|
23 |
2279d |
2318d
|
12/29 |
2255d |
31e0456de5be
media: usb: siano: Fix general protection fault in smsusb
|
|
kernel BUG at arch/x86/mm/physaddr.c:LINE! (2)
media
|
-1 |
C |
done |
|
522 |
2261d |
2471d
|
12/29 |
2261d |
dad7e270ba71
media: vivid: use vfree() instead of kfree() for dev->bitmap_cap
|
|
WARNING in get_q_data
media
|
-1 |
C |
|
|
649 |
2387d |
2397d
|
11/29 |
2339d |
db9a01b32ca9
media: vicodec: check type in g/s_selection
|
|
KMSAN: kernel-infoleak in video_usercopy
media
|
9 |
C |
|
|
410 |
2340d |
2439d
|
11/29 |
2339d |
f45f3f753b0a
media: v4l2-ctrls.c/uvc: zero v4l2_event
|
|
general protection fault in __vb2_queue_free
media
|
2 |
C |
|
|
38 |
2432d |
2488d
|
11/29 |
2416d |
62dcb4f41836
media: vb2: check memory model for VIDIOC_CREATE_BUFS
|
|
INFO: task hung in flush_workqueue
media
|
1 |
C |
|
|
293 |
2435d |
2486d
|
11/29 |
2416d |
52117be68b82
media: vim2m: use cancel_delayed_work_sync instead of flush_schedule_work
|
|
KASAN: null-ptr-deref Write in kthread_stop
media
|
12 |
C |
|
|
2527 |
2432d |
2489d
|
11/29 |
2416d |
701f49bc028e
media: vivid: fix error handling of kthread_run
|
|
divide error in vivid_vid_cap_s_dv_timings
media
|
2 |
C |
|
|
108 |
2432d |
2489d
|
11/29 |
2416d |
9729d6d282a6
media: vivid: set min width/height to a value > 0
|
|
KASAN: use-after-free Read in vb2_mmap
media
|
19 |
C |
|
|
276 |
2432d |
2488d
|
11/29 |
2416d |
cd26d1c4d1bc
media: vb2: vb2_mmap: move lock up
|
|
BUG: pagefault on kernel address ADDR in non-whitelisted uaccess
media
|
-1 |
C |
|
|
17 |
2440d |
2486d
|
11/29 |
2416d |
560ccb75c2ca
media: vivid: free bitmap_cap when updating std/timings/etc.
|
|
KASAN: global-out-of-bounds Read in tpg_print_str_4
media
|
17 |
C |
|
|
52 |
2454d |
2479d
|
11/29 |
2416d |
e5f71a27fa12
media: v4l2-tpg: array index could become negative
|
|
KASAN: null-ptr-deref Read in refcount_sub_and_test_checked
media
|
11 |
C |
|
|
31 |
2482d |
2513d
|
11/29 |
2475d |
fda21d46cce2
ipv6: do not leave garbage in rt->fib6_metrics
|