syzbot

 sign-in | mailing list | source | docs | 🏰
🐞 Open [1312]
Subsystems
🐞 Fixed [7194]
🐞 Invalid [19006]
Missing Backports [221]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
✨ AI
💬 Send us feedback

Applied filters: Label=subsystems:sctp (drop)
Extra filters: [With Repro]
Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Closed Patch
UBSAN: shift-out-of-bounds in sctp_transport_update_rto (2) sctp -1 1 235d 234d 29/29 172d 1534ff77757e sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto
KMSAN: uninit-value in sctp_inq_pop (3) sctp 7 C 9 251d 251d 29/29 172d 51e5ad549c43 net: sctp: fix KMSAN uninit-value in sctp_inq_pop
BUG: corrupted list in sctp_destroy_sock sctp 8 C done 10 230d 233d 29/29 172d 73edb26b06ea sctp: Don't inherit do_auto_asconf in sctp_clone_sock().
possible deadlock in sctp_sock_migrate (2) sctp 4 5 272d 296d 29/29 242d 9f7c02e03157 nbd: restrict sockets to TCP and UDP
KMSAN: uninit-value in sctp_inq_pop (2) sctp 7 C 4089 318d 1632d 29/29 262d fd60d8a08619 sctp: linearize cloned gso packets in sctp_rcv
KMSAN: uninit-value in sctp_assoc_bh_rcv sctp 7 C 258 318d 449d 29/29 262d fd60d8a08619 sctp: linearize cloned gso packets in sctp_rcv
KMSAN: uninit-value in __sctp_v6_cmp_addr (2) sctp 7 C 9 306d 306d 29/29 262d 2e8750469242 sctp: initialize more fields in sctp_v6_from_sk()
KMSAN: uninit-value in sctp_sf_ootb sctp 7 C 18 603d 671d 28/29 563d 0ead60804b64 sctp: properly validate chunk size in sctp_sf_ootb()
general protection fault in sctp_inet_listen sctp 2 1 653d 639d 28/29 592d 8beee4d8dee7 sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start
INFO: rcu detected stall in rtnl_newlink (4) sctp fs 1 C error 9 774d 850d 25/29 766d b1f532a3b1e6 batman-adv: Avoid infinite loop trying to resize local TT
memory leak in sctp_packet_transmit sctp 3 C 14 949d 2167d 25/29 824d 4e45170d9acc net: sctp: fix skb leak in sctp_inq_free()
KCSAN: data-race in sctp_poll / sctp_wfree (3) sctp 6 1 1036d 1035d 23/29 990d dc9511dd6f37 sctp: annotate data-races around sk->sk_wmem_queued
general protection fault in sctp_outq_tail sctp 8 C error 5 1182d 1193d 22/29 1116d 2584024b2355 sctp: check send stream number after wait_for_sndbuf
memory leak in sctp_sched_prio_set sctp 3 C 2 1313d 1318d 22/29 1220d 9ed7bfc79542 sctp: fix memory leak in sctp_stream_outq_migrate()
KASAN: use-after-free Write in sctp_auth_shkey_hold (2) sctp 22 C inconclusive 7 1371d 1371d 22/29 1220d 022152aaebe1 sctp: handle the error returned from sctp_auth_asoc_init_active_key
kernel panic: stack is corrupted in __kmalloc integrity lsm sctp 2 4 1225d 1479d 22/29 1220d b81d591386c3 riscv: Increase stack size under KASAN
general protection fault in sctp_rcv sctp 2 2 1738d 1741d 20/29 1573d f7e745f8e944 sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb
KASAN: use-after-free Read in __lock_sock sctp 19 syz done error 26 1964d 2780d 20/29 1573d 5ec7d18d1813 sctp: use call_rcu to free endpoint
KASAN: use-after-free Read in sctp_do_8_2_transport_strike sctp 19 1 1896d 1895d 20/29 1691d 35b4f24415c8 sctp: do asoc update earlier in sctp_sf_do_dupcook_a
KASAN: use-after-free Write in sctp_auth_shkey_hold sctp 22 C done 4 1804d 1812d 20/29 1691d 58acd1009226 sctp: update active_key for asoc when old key is being replaced
possible deadlock in sctp_addr_wq_timeout_handler sctp 4 C done 8 1884d 1885d 20/29 1691d 01bfe5e8e428 Revert "net/sctp: fix race condition in sctp_destroy_sock"
KASAN: use-after-free Read in sctp_auth_free sctp 19 C done 4 2088d 2090d 15/29 2050d d42ee76ecb6c net-backports: sctp: fix sctp_auth_init_hmacs() error path
KASAN: slab-out-of-bounds Write in sctp_setsockopt sctp 21 C error 590 2162d 2167d 15/29 2110d dfd3d5266dc1 sctp: fix slab-out-of-bounds in SCTP_DELAYED_SACK processing
KASAN: wild-memory-access Read in sctp_setsockopt sctp 17 C 2 2144d 2144d 15/29 2110d 519a8a6cf91d net: Revert "net: optimize the sockptr_t for unified kernel/user address spaces"
WARNING: refcount bug in sctp_wfree sctp 13 C done 20 2280d 2301d 15/29 2240d 5c3e82fe1596 sctp: fix refcount bug in sctp_wfree
memory leak in _sctp_make_chunk sctp 3 C 1 2386d 2386d 15/29 2322d be7a77292077 sctp: free cmd->obj.chunk for the unprocessed SCTP_CMD_REPLY
memory leak in sctp_stream_init sctp 3 C 1 2387d 2387d 15/29 2326d 951c6db954a1 sctp: fix memleak on err handling of stream initialization
general protection fault in sctp_stream_free (2) sctp 2 C done 25 2371d 2382d 15/29 2326d 61d5d4062876 sctp: fix err handling of stream initialization
KCSAN: data-race in sctp_assoc_migrate / sctp_hash_obj sctp 6 12 2398d 2425d 15/29 2389d 312434617cb1 sctp: cache netns in sctp_ep_common
memory leak in sctp_get_port_local (3) sctp 3 C 4 2443d 2449d 13/29 2428d 63dfb7938b13 sctp: change sctp_prot .no_autobind with true
memory leak in sctp_stream_init_ext sctp 3 C 34 2450d 2585d 13/29 2435d 3c52b0af059e lib/generic-radix-tree.c: add kmemleak annotations
kernel BUG at include/linux/skbuff.h:LINE! (2) sctp -1 C done 58 2498d 2508d 13/29 2447d c7a42eb49212 net: ipv6: fix listify ip6_rcv_finish in case of forwarding
KASAN: slab-out-of-bounds Read in sctp_inq_pop sctp 17 1 2500d 2498d 13/29 2447d c7a42eb49212 net: ipv6: fix listify ip6_rcv_finish in case of forwarding
general protection fault in sctp_inq_pop sctp 2 4 2498d 2502d 13/29 2447d c7a42eb49212 net: ipv6: fix listify ip6_rcv_finish in case of forwarding
memory leak in sctp_get_port_local (2) sctp 3 C 34 2457d 2516d 13/29 2454d 29b99f54a8e6 sctp: destroy bucket if failed to bind addr
memory leak in sctp_send_reset_streams sctp 3 C 7 2508d 2585d 13/29 2459d 6d5afe20397b sctp: fix memleak in sctp_send_reset_streams
memory leak in sctp_get_port_local sctp 3 C 28 2520d 2588d 12/29 2519d 9b6c08878e23 sctp: not bind the socket in sctp_connect
general protection fault in sctp_sched_prio_sched sctp 2 C done 3 2556d 2569d 12/29 2519d 4d1415811e49 sctp: fix error handling on stream scheduler initialization
memory leak in sctp_v6_create_accept_sk sctp 3 C 1 2583d 2583d 12/29 2526d 25bff6d5478b sctp: change to hold sk after auth shkey is created successfully
memory leak in sctp_v4_create_accept_sk sctp 3 C 1 2563d 2561d 12/29 2526d 25bff6d5478b sctp: change to hold sk after auth shkey is created successfully
memory leak in sctp_process_init sctp 3 C 10 2569d 2588d 12/29 2544d 0a8dd9f67cd0 Fix memory leak in sctp_process_init ce950f1050ce sctp: Free cookie before we memdup a new one
general protection fault in sctp_sched_dequeue_common (2) sctp 2 C done 3 2663d 2663d 12/29 2562d 2e990dfd1397 sctp: remove sched init from sctp_stream_init
KMSAN: kernel-infoleak in sctp_getsockopt (3) sctp 9 syz 11 2636d 2649d 12/29 2634d 09279e615c81 sctp: initialize _pad of sockaddr_in before copying to user memory
general protection fault in sctp_assoc_rwnd_increase sctp 2 C done 28 2650d 2665d 12/29 2636d 636d25d557d1 sctp: not copy sctp_sock pd_lobby in sctp_copy_descendant
general protection fault in sctp_sched_rr_dequeue sctp 2 C done 11 2661d 2671d 11/29 2649d 2e990dfd1397 sctp: remove sched init from sctp_stream_init
KASAN: use-after-free Read in sctp_outq_tail sctp 19 1 2693d 2693d 11/29 2671d af98c5a78517 sctp: set stream ext to NULL after freeing it in sctp_stream_outq_migrate
KASAN: invalid-free in sctp_stream_free sctp 24 C 5 2693d 2701d 11/29 2671d af98c5a78517 sctp: set stream ext to NULL after freeing it in sctp_stream_outq_migrate
general protection fault in sctp_sched_dequeue_common sctp 2 6 2686d 2776d 11/29 2671d cfe4bd7a257f sctp: check and update stream->out_curr when allocating stream_out
KMSAN: kernel-infoleak in sctp_getsockopt (2) sctp 9 C 16 2671d 2722d 11/29 2671d 400b8b9a2a17 sctp: allocate sctp_sockaddr_entry with kzalloc
KMSAN: kernel-infoleak in sctp_getsockopt sctp 9 syz 147 2726d 2762d 11/29 2725d 4a2eb0c37b47 sctp: initialize sin6_flowinfo for ipv6 addrs in sctp_inet6addr_event
KASAN: use-after-free Read in sctp_hash_transport sctp 19 1 2780d 2779d 11/29 2749d fb6df5a6234c sctp: kfree_rcu asoc
KASAN: use-after-free Read in sctp_epaddr_lookup_transport sctp 19 syz 5 2780d 2780d 11/29 2749d fb6df5a6234c sctp: kfree_rcu asoc
KASAN: slab-out-of-bounds Read in sctp_getsockopt sctp 17 C 9 2802d 2802d 11/29 2785d 713358369382 sctp: check policy more carefully when getting pr status
KASAN: use-after-free Read in sctp_outq_select_transport sctp 19 1 2805d 2805d 11/29 2785d df132eff4638 sctp: clear the transport of some out_chunk_list chunks in sctp_assoc_rm_peer
KASAN: use-after-free Read in sctp_id2assoc sctp 19 1 2824d 2824d 11/29 2798d b336decab221 sctp: fix race on sctp_id2asoc
KASAN: use-after-free Read in sctp_transport_get_next sctp 19 C 6 2862d 2865d 10/29 2847d bab1be79a516 sctp: hold transport before accessing its asoc in sctp_transport_get_next
WARNING in sctp_assoc_update_frag_point sctp -1 5 2902d 2924d 8/29 2882d a65925475571 sctp: fix the issue that pathmtu may be set lower than MINSEGMENT
INFO: rcu detected stall in kmem_cache_alloc_node_trace sctp 1 1 2999d 2981d 8/29 2911d 1d88ba1ebb27 sctp: not allow transport timeout value less than HZ/5 for hb_timer
INFO: rcu detected stall in sctp_packet_transmit sctp 1 1 2966d 2965d 8/29 2911d 1d88ba1ebb27 sctp: not allow transport timeout value less than HZ/5 for hb_timer
INFO: rcu detected stall in sctp_chunk_put sctp 1 1 2949d 2949d 8/29 2911d 1d88ba1ebb27 sctp: not allow transport timeout value less than HZ/5 for hb_timer
INFO: rcu detected stall in sctp_generate_heartbeat_event sctp 1 2 2963d 2973d 8/29 2911d 1d88ba1ebb27 sctp: not allow transport timeout value less than HZ/5 for hb_timer
INFO: rcu detected stall in save_stack_trace sctp 1 C 1 2961d 2960d 8/29 2911d 1d88ba1ebb27 sctp: not allow transport timeout value less than HZ/5 for hb_timer
KASAN: use-after-free Read in sctp_do_sm sctp 19 2 2972d 2973d 5/29 2964d 6910e25de225 sctp: remove sctp_chunk_put from fail_mark err path in sctp_ulpevent_make_rcvmsg
KMSAN: uninit-value in __sctp_v6_cmp_addr sctp 7 C 1109 2965d 2966d 5/29 2965d d625329b06e4 sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr
KASAN: slab-out-of-bounds Read in __sctp_v6_cmp_addr sctp 17 C 3202 2976d 2988d 5/29 2965d d625329b06e4 sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr
KASAN: use-after-free Read in sctp_association_free (2) sctp 19 C 2 3033d 3033d 5/29 2973d 0aee4c259849 sctp: Fix double free in sctp_sendmsg_to_asoc
BUG: corrupted list in sctp_association_free sctp 8 1 3033d 3029d 5/29 2973d d98985dd6c2d sctp: fix error return code in sctp_sendmsg_new_asoc()
KMSAN: uninit-value in sctp_do_bind sctp 7 C 31 2973d 3003d 5/29 2973d 81e98370293a sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6
KMSAN: uninit-value in sctp_sendmsg sctp 7 syz 27 2973d 3003d 5/29 2973d 81e98370293a sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6
WARNING in refcount_sub_and_test sctp -1 C 75150 3068d 3169d 4/29 3030d d04adf1b3551 sctp: reset owner sk for data chunks on out queues when migrating a sock
KASAN: slab-out-of-bounds Read in sctp_send_reset_streams sctp 17 C 73 3111d 3123d 4/29 3069d 2342b8d95bca sctp: make sure stream nums can match optlen in sctp_setsockopt_reset_streams
KASAN: use-after-free Read in sctp_association_free sctp 19 C 20 3145d 3161d 4/29 3069d ca3af4dd28cf sctp: do not free asoc when it is already dead in sctp_sendmsg
BUG: unable to handle kernel NULL pointer dereference in sctp_stream_free sctp 10 2 3114d 3112d 4/29 3070d 79d0895140e9 sctp: fix error path in sctp_stream_init
general protection fault in sctp_stream_free sctp 2 17 3116d 3157d 4/29 3070d 79d0895140e9 sctp: fix error path in sctp_stream_init
general protection fault in skb_segment sctp 2 C 7 3093d 3103d 4/29 3072d 121d57af308d gso: validate gso_type in GSO handlers
general protection fault in sctp_v6_get_dst sctp 2 C 6 3091d 3091d 4/29 3079d c5006b8aa745 sctp: do not allow the v4 socket to bind a v4mapped v6 address
WARNING: held lock freed! sctp -1 C 497 3082d 3093d 4/29 3079d a0ff660058b8 sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf
kernel BUG at net/core/skbuff.c:LINE! sctp -1 5 3169d 3239d 3/29 3166d c780a049f9bf ipv4: better IP_MAX_MTU enforcement