|
KMSAN: uninit-value in ieee80211_radiotap_iterator_next
wireless
|
7 |
|
|
|
3 |
16d |
14d
|
25/29 |
never |
c854758abe0b
wifi: radiotap: reject radiotap with unknown bits
|
|
KASAN: slab-out-of-bounds Read in ieee80211_add_virtual_monitor
wireless
|
19 |
C |
|
|
989 |
57d |
107d
|
29/29 |
36d |
cbf0dc37bb4e
wifi: mac80211: fix list iteration in ieee80211_add_virtual_monitor()
|
|
WARNING in ieee80211_determine_chan_mode
wireless
|
-1 |
C |
|
|
1 |
81d |
91d
|
29/29 |
36d |
99067b58a408
wifi: mac80211: don't WARN for connections on invalid channels
|
|
WARNING in ieee80211_ocb_rx_no_sta (2)
wireless
|
-1 |
C |
|
|
7 |
84d |
100d
|
29/29 |
36d |
ff4071c60018
wifi: mac80211: ocb: skip rx_no_sta when interface is not joined
|
|
KASAN: slab-use-after-free Read in cmp_bss
wireless
|
19 |
C |
|
|
13 |
182d |
204d
|
29/29 |
125d |
26e84445f02c
wifi: cfg80211: fix use-after-free in cmp_bss()
|
|
WARNING in _ieee80211_sta_cur_vht_bw
wireless
|
-1 |
C |
|
|
52 |
237d |
250d
|
29/29 |
180d |
58fcb1b4287c
wifi: mac80211: reject VHT opmode for unsupported channel widths
|
|
WARNING in ieee80211_tdls_oper
wireless
|
-1 |
C |
|
|
6 |
271d |
295d
|
29/29 |
180d |
16ecdab5446f
wifi: mac80211: reject TDLS operations when station is not associated
|
|
KASAN: invalid-free in nl80211_dump_station
wireless
|
24 |
|
|
|
5 |
230d |
244d
|
29/29 |
180d |
9a44b5e36cd6
wifi: cfg80211: fix double free for link_sinfo in nl80211_station_dump()
|
|
UBSAN: array-index-out-of-bounds in ieee80211_request_ibss_scan (2)
wireless
|
15 |
|
|
|
238 |
225d |
234d
|
29/29 |
180d |
444020f4bf06
wifi: cfg80211: remove scan request n_channels counted_by
|
|
WARNING in ath6kl_bmi_get_target_info (2)
usb
wireless
|
-1 |
C |
error |
|
10349 |
241d |
579d
|
29/29 |
209d |
e7417421d893
wifi: ath6kl: remove WARN on bad firmware input
|
|
WARNING in sta_info_insert_rcu (4)
wireless
|
-1 |
C |
|
|
27 |
258d |
470d
|
29/29 |
209d |
d1b1a5eb27c4
wifi: mac80211: drop invalid source address OCB frames
|
|
UBSAN: array-index-out-of-bounds in cfg80211_inform_bss_frame_data
wireless
|
15 |
C |
done |
|
4 |
265d |
264d
|
29/29 |
209d |
a85b8544d463
wifi: remove zero-length arrays
|
|
WARNING in __ieee80211_beacon_get
wireless
|
-1 |
C |
done |
|
143787 |
246d |
1975d
|
29/29 |
209d |
d19bac3d4edc
wifi: mac80211: don't WARN for late channel/color switch
|
|
divide error in mac80211_hwsim_set_tsf
wireless
|
2 |
syz |
|
|
1 |
329d |
325d
|
29/29 |
239d |
c575f5374be7
wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled
|
|
UBSAN: array-index-out-of-bounds in ieee80211_request_ibss_scan
wireless
|
15 |
C |
error |
|
29652 |
239d |
309d
|
29/29 |
239d |
82bbe02b2500
wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request
|
|
INFO: trying to register non-static key in cfg80211_dev_free
wireless
|
-1 |
C |
|
|
304 |
331d |
351d
|
28/29 |
266d |
fc88dee89d7b
wifi: cfg80211: init wiphy_work before allocating rfkill fails
|
|
WARNING in restore_regulatory_settings (3)
wireless
|
-1 |
C |
inconclusive |
error |
2 |
428d |
511d
|
28/29 |
266d |
59b348be7597
wifi: cfg80211: regulatory: improve invalid hints checking
|
|
WARNING in drv_remove_interface
wireless
|
-1 |
C |
done |
inconclusive |
29 |
372d |
1968d
|
28/29 |
266d |
49f27f29446a
wifi: nl80211: reject cooked mode if it is set along with other flags
|
|
possible deadlock in ieee80211_remove_interfaces
wireless
|
4 |
C |
error |
|
326122 |
360d |
544d
|
28/29 |
301d |
e759e1e4a4bd
net: revert RTNL changes in unregister_netdevice_many_notify()
|
|
bpf-next test error: possible deadlock in ieee80211_remove_interfaces
wireless
|
-1 |
|
|
|
4 |
398d |
403d
|
28/29 |
301d |
e759e1e4a4bd
net: revert RTNL changes in unregister_netdevice_many_notify()
|
|
bpf test error: possible deadlock in ieee80211_remove_interfaces
wireless
|
-1 |
|
|
|
12 |
377d |
404d
|
28/29 |
301d |
e759e1e4a4bd
net: revert RTNL changes in unregister_netdevice_many_notify()
|
|
WARNING in ieee80211_set_active_links
wireless
|
-1 |
C |
|
|
2 |
411d |
428d
|
28/29 |
301d |
7553477cbfd7
wifi: mac80211: prohibit deactivating all links
|
|
general protection fault in dev_prep_valid_name
wireless
|
2 |
C |
done |
|
792 |
429d |
472d
|
28/29 |
301d |
48327566769a
rtnetlink: fix double call of rtnl_link_get_net_ifla()
|
|
net-next test error: possible deadlock in ieee80211_remove_interfaces
wireless
|
-1 |
|
|
|
9 |
405d |
411d
|
28/29 |
301d |
e759e1e4a4bd
net: revert RTNL changes in unregister_netdevice_many_notify()
|
|
possible deadlock in cleanup_net (3)
wireless
|
4 |
|
|
|
6 |
398d |
400d
|
28/29 |
301d |
e759e1e4a4bd
net: revert RTNL changes in unregister_netdevice_many_notify()
|
|
WARNING in mac80211_hwsim_config_mac_nl
wireless
|
-1 |
|
|
|
85 |
446d |
478d
|
28/29 |
301d |
52cebabb1264
wifi: mac80211: fix vif addr when switching from monitor to station
|
|
INFO: task hung in _cfg80211_unregister_wdev (2)
wireless
|
1 |
|
|
|
552 |
397d |
405d
|
28/29 |
301d |
e759e1e4a4bd
net: revert RTNL changes in unregister_netdevice_many_notify()
|
|
KASAN: slab-use-after-free Write in kvfree_call_rcu
wireless
|
22 |
|
|
|
2 |
506d |
502d
|
28/29 |
474d |
d5fee261dfd9
wifi: cfg80211: clear wdev->cqm_config pointer on free
|
|
WARNING in kcov_remote_start (5)
wireless
|
-1 |
|
|
|
4243 |
497d |
597d
|
28/29 |
497d |
7d4df2dad312
kcov: properly check for softirq context
9313d139aa25
usb: gadget: dummy_hcd: execute hrtimer callback in softirq context
|
|
WARNING in __rate_control_send_low (2)
wireless
|
-1 |
C |
done |
|
3233 |
497d |
649d
|
28/29 |
497d |
e7a7ef9a0742
wifi: mac80211: don't use rate mask for offchannel TX either
|
|
KASAN: use-after-free Read in rtw_load_firmware_cb
usb
wireless
|
19 |
C |
|
|
848 |
523d |
586d
|
28/29 |
497d |
0e735a4c6137
wifi: rtw88: always wait for both firmware loading attempts
|
|
KMSAN: uninit-value in skb_trim (2)
wireless
|
7 |
|
|
|
5 |
540d |
570d
|
28/29 |
497d |
94745807f3eb
wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit
|
|
KMSAN: uninit-value in cfg80211_inform_bss_frame_data
wireless
|
7 |
|
|
|
6 |
579d |
587d
|
27/29 |
558d |
6873cc441607
wifi: cfg80211: correct S1G beacon length calculation
|
|
WARNING in _ieee80211_change_chanctx
wireless
|
-1 |
|
|
|
7 |
596d |
673d
|
27/29 |
566d |
23daf1b4c91d
wifi: nl80211: disallow setting special AP channel widths
|
|
WARNING in __cfg80211_connect_result (2)
wireless
|
-1 |
C |
error |
|
232 |
580d |
645d
|
27/29 |
566d |
b5d14b0c6716
wifi: virt_wifi: avoid reporting connection success with wrong SSID
|
|
BUG: soft lockup in mld_ifc_work (2)
wireless
|
1 |
C |
|
|
2 |
661d |
673d
|
26/29 |
574d |
d1cba2ea8121
wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values
|
|
WARNING in ieee80211_rx_list (2)
wireless
|
-1 |
|
|
|
4 |
613d |
615d
|
26/29 |
574d |
321028bc45f0
wifi: mac80211: disable softirqs for queued frame handling
|
|
INFO: task hung in ieee80211_unregister_hw
wireless
|
1 |
|
|
|
151 |
606d |
642d
|
26/29 |
602d |
d864319871b0
net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
|
|
WARNING in rdev_scan
wireless
|
-1 |
C |
done |
|
3 |
625d |
630d
|
26/29 |
602d |
0941772342d5
wifi: cfg80211: wext: set ssids=NULL for passive scans
|
|
INFO: task hung in cfg80211_dfs_channels_update_work (7)
wireless
|
1 |
|
|
|
37 |
617d |
621d
|
26/29 |
602d |
d864319871b0
net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
|
|
INFO: task hung in crda_timeout_work (7)
wireless
|
1 |
|
|
|
1084 |
604d |
648d
|
26/29 |
602d |
d864319871b0
net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
|
|
INFO: task hung in reg_check_chans_work (6)
wireless
|
1 |
C |
error |
|
129 |
605d |
678d
|
26/29 |
602d |
d864319871b0
net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
|
|
INFO: task hung in regdb_fw_cb
wireless
|
1 |
|
|
|
596 |
606d |
647d
|
26/29 |
602d |
d864319871b0
net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
|
|
KASAN: slab-out-of-bounds Read in cfg80211_wext_freq
wireless
|
17 |
C |
inconclusive |
|
133 |
617d |
643d
|
26/29 |
602d |
6ef09cdc5ba0
wifi: cfg80211: wext: add extra SIOCSIWSCAN data check
|
|
WARNING in ieee80211_link_info_change_notify (2)
wireless
|
-1 |
C |
inconclusive |
|
8918 |
631d |
1099d
|
26/29 |
623d |
02c665f048a4
wifi: mac80211: apply mcast rate only if interface is up
|
|
WARNING in ieee80211_rx_list
wireless
|
-1 |
C |
inconclusive |
error |
3489 |
634d |
1986d
|
26/29 |
623d |
177c6ae9725d
wifi: mac80211: handle tasklet frames before stopping
|
|
WARNING in ar5523_cmd/usb_submit_urb
usb
wireless
|
-1 |
C |
error |
|
39 |
669d |
2225d
|
25/29 |
636d |
e120b6388d7d
wifi: ar5523: enable proper endpoint verification
|
|
WARNING in carl9170_usb_send_rx_irq_urb/usb_submit_urb
usb
wireless
|
-1 |
C |
error |
inconclusive |
18 |
680d |
1824d
|
25/29 |
636d |
b6dd09b3dac8
wifi: carl9170: add a proper sanity check for endpoints
|
|
KMSAN: uninit-value in ieee80211_rx_handlers (2)
wireless
|
7 |
C |
|
|
4 |
689d |
707d
|
25/29 |
650d |
7c1c73bf84c5
wifi: mac80211: check EHT/TTLM action frame length
|
|
WARNING in __rate_control_send_low
wireless
|
-1 |
C |
inconclusive |
|
2759 |
650d |
1966d
|
25/29 |
650d |
ab9177d83c04
wifi: mac80211: don't use rate mask for scanning
|
|
KMSAN: uninit-value in ieee80211_amsdu_to_8023s
wireless
|
7 |
C |
|
|
4 |
729d |
736d
|
25/29 |
692d |
9ad797485692
wifi: cfg80211: check A-MSDU format more carefully
|
|
WARNING in ieee80211_bss_info_change_notify (2)
wireless
|
-1 |
C |
done |
|
1392 |
728d |
873d
|
25/29 |
707d |
f78c1375339a
wifi: nl80211: reject iftype change with mesh ID change
|
|
WARNING: suspicious RCU usage in __cfg80211_bss_update
wireless
|
4 |
C |
done |
|
92 |
788d |
790d
|
25/29 |
763d |
1184950e341c
wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update
|
|
WARNING in rate_control_rate_init (2)
wireless
|
-1 |
C |
done |
|
9 |
804d |
975d
|
25/29 |
773d |
c1393c132b90
wifi: mac80211: check if the existing link config remains unchanged
|
|
WARNING in ieee80211_rfkill_poll
wireless
|
-1 |
C |
|
|
684 |
813d |
846d
|
25/29 |
773d |
8e2f6f236621
wifi: cfg80211: lock wiphy mutex for rfkill poll
|
|
possible deadlock in rfkill_send_events
wireless
|
4 |
C |
done |
|
22 |
866d |
876d
|
25/29 |
803d |
f2ac54ebf856
net: rfkill: reduce data->mtx scope in rfkill_fop_open
|
|
WARNING in ieee80211_get_ringparam
wireless
|
-1 |
C |
done |
|
151 |
890d |
897d
|
25/29 |
804d |
6b348f6e34ce
wifi: mac80211: ethtool: always hold wiphy mutex
|
|
possible deadlock in ieee80211_change_mac
wireless
|
4 |
|
|
|
1 |
877d |
873d
|
25/29 |
804d |
74a7c93f45ab
wifi: mac80211: fix change_address deadlock during unregister
|
|
WARNING in ieee80211_probe_client
wireless
|
-1 |
C |
done |
error |
124 |
905d |
1974d
|
23/29 |
873d |
67dfa589aa88
wifi: mac80211: check for station first in client probe
|
|
WARNING in sta_info_insert_rcu (3)
wireless
|
-1 |
C |
done |
|
6 |
921d |
962d
|
23/29 |
873d |
5d4e04bf3a0f
wifi: cfg80211: reject auth/assoc to AP with our address
|
|
KMSAN: uninit-value in hwsim_cloned_frame_received_nl
wireless
|
7 |
C |
|
|
8315 |
917d |
1986d
|
23/29 |
873d |
fba360a047d5
wifi: mac80211_hwsim: drop short frames
|
|
KMSAN: uninit-value in ieee80211_rx_handlers
wireless
|
7 |
C |
|
|
8 |
918d |
974d
|
23/29 |
873d |
19e4a47ee747
wifi: mac80211: check S1G action frame size
|
|
WARNING in ieee80211_bss_info_change_notify
wireless
|
-1 |
C |
done |
|
7725 |
873d |
1978d
|
23/29 |
873d |
abc76cf552e1
wifi: cfg80211: ocb: don't leave if not joined
|
|
KMSAN: uninit-value in __netif_receive_skb_core
wireguard
wireless
|
19 |
C |
done |
|
353 |
913d |
2882d
|
23/29 |
873d |
dc644b540a2d
tcx: Fix splat in ingress_destroy upon tcx_entry_free
|
|
memory leak in htc_connect_service
wireless
|
3 |
C |
|
|
1 |
1022d |
1103d
|
23/29 |
887d |
061b0cb9327b
wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes
|
|
INFO: trying to register non-static key in skb_queue_tail
wireless
|
-1 |
C |
unreliable |
done |
171 |
978d |
2080d
|
23/29 |
887d |
061b0cb9327b
wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes
|
|
KMSAN: uninit-value in ath9k_wmi_ctrl_rx
wireless
|
7 |
C |
|
|
45 |
971d |
1093d
|
23/29 |
887d |
f24292e82708
wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
|
|
memory leak in hwsim_new_radio_nl
wireless
|
3 |
C |
|
|
1 |
1027d |
1026d
|
22/29 |
976d |
098abbd48ec1
mac80211_hwsim: fix memory leak in hwsim_new_radio_nl
|
|
general protection fault in free_percpu (2)
wireless
|
2 |
|
|
|
1 |
1145d |
1145d
|
22/29 |
999d |
80f8a66dede0
Revert "wifi: mac80211: fix memory leak in ieee80211_if_add()"
|
|
memory leak in ath9k_hif_usb_rx_cb
wireless
|
3 |
C |
|
|
1 |
1175d |
1171d
|
22/29 |
999d |
0af54343a762
wifi: ath9k: hif_usb: clean up skbs if ath9k_hif_usb_rx_stream() fails
|
|
general protection fault in jhash
wireless
|
2 |
C |
done |
done |
15 |
1048d |
1067d
|
22/29 |
999d |
2bef4d1fb8b3
wifi: mac80211_hwsim: fix potential NULL deref in hwsim_pmsr_report_nl()
|
|
memory leak in ath9k_hif_usb_firmware_cb
wireless
|
3 |
C |
|
|
1591 |
1143d |
1939d
|
22/29 |
999d |
9b25e3985477
wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function
|
|
memory leak in regulatory_hint_core
wireless
|
3 |
C |
|
|
2 |
1198d |
1226d
|
22/29 |
999d |
399ab7fe0fa0
net: sched: fix memory leak in tcindex_set_parms
|
|
WARNING in ath6kl_htc_pipe_rx_complete
usb
wireless
|
-1 |
C |
error |
|
2008 |
1038d |
2308d
|
22/29 |
999d |
75c4a8154cb6
wifi: ath6kl: reduce WARN to dev_dbg() in callback
|
|
general protection fault in skb_dequeue (3)
wireless
|
2 |
C |
done |
|
6 |
1117d |
1126d
|
22/29 |
999d |
33b3b041543e
splice: Add a func to do a splice from an O_DIRECT file without ITER_PIPE
|
|
memory leak in __build_skb (3)
wireless
|
3 |
C |
|
|
2 |
1159d |
1157d
|
22/29 |
999d |
9b25e3985477
wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function
|
|
INFO: trying to register non-static key in ieee80211_do_stop
wireless
|
-1 |
C |
error |
|
70591 |
1288d |
1328d
|
22/29 |
1103d |
aa40d5a43526
wifi: mac80211: do not abuse fq.lock in ieee80211_do_stop()
wifi: mac80211: do not abuse fq.lock in ieee80211_do_stop()
|
|
WARNING: lock held when returning to user space in ieee80211_change_mac
wireless
|
4 |
|
|
|
1 |
1253d |
1249d
|
22/29 |
1103d |
ceb3d688f922
wifi: mac80211: unlock on error in ieee80211_can_powered_addr_change()
|
|
general protection fault in ath9k_hif_usb_rx_cb (2)
wireless
|
2 |
C |
error |
|
1678 |
1301d |
2055d
|
22/29 |
1103d |
0ac4827f78c7
ath9k: fix use-after-free in ath9k_hif_usb_rx_cb
|
|
upstream boot error: general protection fault in ieee80211_register_hw
wireless
|
-1 |
|
|
|
1 |
1296d |
1296d
|
22/29 |
1103d |
9993a4f989c7
virtio: Revert "virtio: find_vqs() add arg sizes"
|
|
KASAN: use-after-free Read in ar5523_cmd_tx_cb
usb
wireless
|
19 |
C |
inconclusive |
|
372 |
1199d |
1254d
|
22/29 |
1103d |
b6702a942a06
wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out
|
|
KMSAN: kernel-usb-infoleak in hif_usb_send
wireless
|
9 |
C |
|
|
18149 |
1411d |
2030d
|
22/29 |
1103d |
d1e0df1c57bd
ath9k_htc: fix uninit value bugs
|
|
WARNING in wireless_send_event
wireless
|
-1 |
C |
|
|
210 |
1219d |
1257d
|
22/29 |
1103d |
e3e6e1d16a4c
wifi: wext: use flex array destination for memcpy()
|
|
KMSAN: uninit-value in ath9k_htc_rx_msg
wireless
|
7 |
C |
|
|
17731 |
1113d |
2032d
|
22/29 |
1103d |
b383e8abed41
wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
|
|
WARNING in ieee80211_link_info_change_notify
wireless
|
-1 |
C |
inconclusive |
|
1376 |
1103d |
1346d
|
22/29 |
1103d |
591e73ee3f73
wifi: mac80211: properly skip link info driver update
|
|
general protection fault in ieee80211_subif_start_xmit (2)
wireless
|
2 |
C |
error |
|
5 |
1220d |
1227d
|
22/29 |
1103d |
780854186946
wifi: mac80211: fix general-protection-fault in ieee80211_subif_start_xmit()
|
|
upstream boot error: stack segment fault in kvmalloc_node
wireless
|
-1 |
|
|
|
1 |
1297d |
1297d
|
22/29 |
1103d |
9993a4f989c7
virtio: Revert "virtio: find_vqs() add arg sizes"
|
|
upstream boot error: WARNING in wiphy_register
wireless
|
-1 |
|
|
|
1 |
1296d |
1296d
|
22/29 |
1103d |
9993a4f989c7
virtio: Revert "virtio: find_vqs() add arg sizes"
|
|
WARNING in wdev_chandef
wireless
|
-1 |
|
|
|
12 |
1305d |
1347d
|
22/29 |
1103d |
206bbcf76121
wifi: nl80211: hold wdev mutex for tid config
|
|
WARNING in cfg80211_ch_switch_notify
wireless
|
-1 |
C |
done |
|
744 |
1304d |
1347d
|
22/29 |
1103d |
77e7b6ba78ed
wifi: cfg80211: handle IBSS in channel switch
|
|
WARNING in hif_usb_send/usb_submit_urb
wireless
|
-1 |
C |
unreliable |
done |
374 |
1184d |
1975d
|
22/29 |
1103d |
16ef02bad239
wifi: ath9k: verify the expected usb_endpoints are present
|
|
KASAN: use-after-free Read in ieee80211_scan_rx (3)
wireless
|
19 |
|
|
|
10 |
1300d |
1407d
|
22/29 |
1103d |
60deb9f10eec
wifi: mac80211: Fix UAF in ieee80211_scan_rx()
|
|
INFO: task hung in ath6kl_usb_power_off
wireless
|
1 |
|
|
|
7454 |
1300d |
2066d
|
22/29 |
1103d |
62ebaf2f9261
ath6kl: avoid flush_scheduled_work() usage
|
|
WARNING in ieee80211_ibss_csa_beacon
wireless
|
-1 |
C |
error |
|
4997 |
1103d |
1972d
|
22/29 |
1103d |
15bc8966b6d3
wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected
|
|
general protection fault in ieee80211_chanctx_num_assigned
wireless
|
2 |
C |
inconclusive |
done |
15 |
1540d |
1974d
|
20/29 |
1390d |
563fbefed46a
cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
|
|
KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb (3)
wireless
usb
|
17 |
C |
unreliable |
done |
7 |
1479d |
1883d
|
20/29 |
1448d |
6ce708f54cc8
ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream
|
|
memory leak in reg_copy_regd
wireless
|
3 |
C |
|
|
1 |
1689d |
1685d
|
20/29 |
1456d |
e53e9828a8d2
cfg80211: always free wiphy specific regdomain
|
|
KASAN: null-ptr-deref Write in rhashtable_free_and_destroy (2)
wireless
|
12 |
C |
unreliable |
|
38 |
1520d |
1785d
|
20/29 |
1456d |
8b5cb7e41d9d
mac80211: mesh: embedd mesh_paths and mpp_paths into ieee80211_if_mesh
|
|
INFO: task hung in disconnect_work
wireless
|
1 |
C |
inconclusive |
done |
3 |
1566d |
1841d
|
20/29 |
1456d |
563fbefed46a
cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
|
|
INFO: trying to register non-static key in ath9k_htc_rxep
wireless
|
-1 |
C |
unreliable |
|
9896 |
1510d |
2084d
|
20/29 |
1456d |
b0ec7e55fce6
ath9k_htc: fix NULL pointer dereference at ath9k_htc_rxep()
|
|
WARNING in rtl92cu_hw_init
wireless
|
-1 |
|
|
|
1 |
1556d |
1552d
|
20/29 |
1456d |
8b144dedb928
rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with interrupts enabled
|
|
WARNING in ieee80211_parse_tx_radiotap
wireless
|
-1 |
|
|
|
2 |
1632d |
1631d
|
20/29 |
1456d |
13cb6d826e0a
mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap
|
|
INFO: trying to register non-static key in ath9k_wmi_event_tasklet
wireless
usb
|
-1 |
C |
unreliable |
|
7 |
1546d |
1723d
|
20/29 |
1456d |
8b3046abc99e
ath9k_htc: fix NULL pointer dereference at ath9k_htc_tx_get_packet()
|
|
KMSAN: uninit-value in ieee80211_sta_tx_notify (2)
wireless
|
7 |
|
|
|
283 |
1474d |
1564d
|
20/29 |
1456d |
d5e568c3a4ec
mac80211: track only QoS data frames for admission control
|
|
WARNING in ieee80211_vif_release_channel (2)
wireless
|
-1 |
C |
done |
|
5 |
1531d |
1534d
|
20/29 |
1456d |
87a270625a89
mac80211: fix locking in ieee80211_start_ap error path
|
|
INFO: rcu detected stall in ieee80211_tasklet_handler
wireless
|
1 |
C |
error |
done |
74 |
1620d |
1900d
|
20/29 |
1456d |
313bbd1990b6
mac80211-hwsim: fix late beacon hrtimer handling
|
|
general protection fault in ieee80211_assign_vif_chanctx
wireless
|
2 |
C |
inconclusive |
|
4 |
1594d |
1852d
|
20/29 |
1456d |
563fbefed46a
cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
|
|
KMSAN: uninit-value in _ieee802_11_parse_elems_crc
wireless
|
7 |
|
|
|
1 |
1551d |
1544d
|
20/29 |
1456d |
768c0b19b506
mac80211: validate extended element ID is present
|
|
memory leak in __ieee80211_beacon_get
wireless
|
3 |
syz |
|
|
14 |
1729d |
1850d
|
20/29 |
1575d |
bd18de517923
mac80211_hwsim: drop pending frames on stop
|
|
WARNING in ieee80211_free_ack_frame
wireless
|
-1 |
syz |
done |
|
117 |
1579d |
1973d
|
20/29 |
1575d |
bd18de517923
mac80211_hwsim: drop pending frames on stop
|
|
WARNING in ieee80211_get_sband
wireless
|
-1 |
C |
done |
|
7 |
1743d |
1968d
|
20/29 |
1575d |
0ee4d55534f8
mac80211: remove warning in ieee80211_get_sband()
|
|
KMSAN: uninit-value in validate_beacon_head
wireless
|
7 |
C |
|
|
284 |
1694d |
1921d
|
20/29 |
1575d |
9a6847ba1747
nl80211: fix beacon head validation
|
|
INFO: task hung in register_netdevice_notifier (2)
can
wireless
|
1 |
syz |
done |
|
10555 |
1718d |
2323d
|
20/29 |
1575d |
8d0caedb7596
can: bcm/raw/isotp: use per module netdevice notifier
|
|
KASAN: invalid-free in ieee80211_ibss_leave
wireless
|
24 |
C |
inconclusive |
|
1 |
1819d |
1847d
|
20/29 |
1575d |
3bd801b14e0c
mac80211: fix double free in ibss_leave
|
|
WARNING in cfg80211_inform_single_bss_frame_data
wireless
|
-1 |
C |
done |
|
1 |
1764d |
1856d
|
20/29 |
1575d |
e298aa358f0c
mac80211: fix skb length check in ieee80211_scan_rx()
|
|
possible deadlock in cfg80211_netdev_notifier_call (2)
wireless
|
4 |
|
|
|
2 |
1747d |
1758d
|
20/29 |
1575d |
d5befb224edb
mac80211: fix deadlock in AP/VLAN handling
|
|
WARNING in init_timer_key
wireless
|
-1 |
C |
done |
|
2 |
1745d |
1852d
|
20/29 |
1575d |
a64b6a25dd9f
cfg80211: call cfg80211_leave_ocb when switching away from OCB
|
|
possible deadlock in cfg80211_netdev_notifier_call
wireless
|
4 |
syz |
done |
|
13 |
1790d |
1856d
|
20/29 |
1789d |
40c575d1ec71
cfg80211: fix netdev registration deadlock
|
|
linux-next test error: possible deadlock in cfg80211_netdev_notifier_call
wireless
|
-1 |
|
|
|
6 |
1861d |
1861d
|
20/29 |
1789d |
38ec7c6b6bd6
virt_wifi: fix deadlock on RTNL
|
|
WARNING in cfg80211_change_iface
wireless
|
-1 |
C |
inconclusive |
|
4 |
1855d |
1860d
|
20/29 |
1789d |
bae173563cbf
wext: call cfg80211_change_iface() with wiphy lock held
|
|
WARNING in cfg80211_dev_rename
wireless
|
-1 |
C |
inconclusive |
|
22 |
1854d |
1860d
|
20/29 |
1789d |
0391a45c8007
nl80211: call cfg80211_dev_rename() under RTNL
|
|
WARNING in _cfg80211_unregister_wdev
wireless
|
-1 |
C |
inconclusive |
|
48 |
1854d |
1860d
|
20/29 |
1789d |
776a39b8196d
cfg80211: call cfg80211_destroy_ifaces() with wiphy lock held
|
|
BUG: sleeping function called from invalid context in corrupted
wireless
|
5 |
syz |
done |
|
18 |
1916d |
1940d
|
19/29 |
1820d |
7bc40aedf24d
mac80211: free sta in sta_info_insert_finish() on errors
|
|
bpf test error: BUG: sleeping function called from invalid context in sta_info_move_state
wireless
|
-1 |
|
|
|
6 |
1929d |
1935d
|
19/29 |
1820d |
7bc40aedf24d
mac80211: free sta in sta_info_insert_finish() on errors
|
|
KASAN: null-ptr-deref Write in rhashtable_free_and_destroy
wireless
|
12 |
|
|
|
11 |
1839d |
1916d
|
19/29 |
1820d |
905b2032fa42
mac80211: mesh: fix mesh_pathtbl_init() error path
|
|
general protection fault in ieee80211_subif_start_xmit
wireless
|
2 |
C |
unreliable |
|
29 |
1859d |
1926d
|
19/29 |
1820d |
054c9939b480
mac80211: pause TX while changing interface type
|
|
WARNING: suspicious RCU usage in get_wiphy_regdom
wireless
|
4 |
C |
done |
|
5031 |
1871d |
1903d
|
19/29 |
1820d |
51d62f2f2c50
cfg80211: Save the regulatory domain with a lock
|
|
KASAN: use-after-free Write in rtl_fw_do_work (2)
wireless
|
22 |
|
|
|
4 |
1904d |
1910d
|
19/29 |
1820d |
4dfde294b979
rtlwifi: rise completion at the last step of firmware callback
|
|
upstream test error: BUG: sleeping function called from invalid context in sta_info_move_state
wireless
|
-1 |
|
|
|
53 |
1930d |
1939d
|
19/29 |
1820d |
7bc40aedf24d
mac80211: free sta in sta_info_insert_finish() on errors
|
|
linux-next test error: BUG: sleeping function called from invalid context in sta_info_move_state
wireless
|
-1 |
|
|
|
3 |
1940d |
1944d
|
19/29 |
1820d |
7bc40aedf24d
mac80211: free sta in sta_info_insert_finish() on errors
|
|
net test error: BUG: sleeping function called from invalid context in sta_info_move_state
wireless
|
-1 |
|
|
|
4 |
1937d |
1944d
|
19/29 |
1820d |
7bc40aedf24d
mac80211: free sta in sta_info_insert_finish() on errors
|
|
net-next test error: BUG: sleeping function called from invalid context in sta_info_move_state
wireless
|
-1 |
|
|
|
12 |
1930d |
1939d
|
19/29 |
1820d |
7bc40aedf24d
mac80211: free sta in sta_info_insert_finish() on errors
|
|
WARNING: suspicious RCU usage in wiphy_apply_custom_regulatory
wireless
|
4 |
C |
done |
|
28 |
1903d |
1900d
|
19/29 |
1820d |
51d62f2f2c50
cfg80211: Save the regulatory domain with a lock
|
|
WARNING in rhashtable_free_and_destroy
wireless
|
-1 |
C |
error |
|
3 |
1916d |
2008d
|
19/29 |
1820d |
905b2032fa42
mac80211: mesh: fix mesh_pathtbl_init() error path
|
|
BUG: sleeping function called from invalid context in sta_info_move_state
wireless
|
5 |
C |
done |
|
39248 |
1914d |
1946d
|
19/29 |
1820d |
7bc40aedf24d
mac80211: free sta in sta_info_insert_finish() on errors
|
|
bpf-next test error: BUG: sleeping function called from invalid context in sta_info_move_state
wireless
|
-1 |
|
|
|
13 |
1915d |
1935d
|
19/29 |
1820d |
7bc40aedf24d
mac80211: free sta in sta_info_insert_finish() on errors
|
|
UBSAN: array-index-out-of-bounds in ieee80211_del_key (2)
wireless
|
15 |
C |
error |
|
3 |
1910d |
1919d
|
19/29 |
1820d |
2d9463083ce9
nl80211: validate key indexes for cfg80211_registered_device
|
|
general protection fault in wext_handle_ioctl
wireless
|
2 |
C |
inconclusive |
|
9 |
1863d |
1952d
|
19/29 |
1820d |
5122565188ba
wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
|
|
memory leak in ieee80211_check_fast_xmit
wireless
|
3 |
C |
|
|
983 |
1943d |
1986d
|
15/29 |
1933d |
dcd479e10a05
mac80211: always wind down STA state
|
|
WARNING in ieee80211_s1g_channel_width
wireless
|
-1 |
C |
done |
|
3 |
1975d |
1975d
|
15/29 |
1933d |
c1cd35c60601
cfg80211: only allow S1G channels on S1G band
|
|
KMSAN: uninit-value in ieee80211_skb_resize
wireless
|
7 |
C |
|
|
5 |
1962d |
1986d
|
15/29 |
1933d |
14f46c1e5108
mac80211: fix use of skb payload instead of header
|
|
KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
wireless
|
19 |
C |
|
|
2849 |
1933d |
2168d
|
15/29 |
1933d |
03fb92a432ea
ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs()
|
|
general protection fault in ieee80211_key_free
wireless
|
2 |
C |
done |
|
3 |
1968d |
1973d
|
15/29 |
1933d |
3dc289f8f139
net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key()
|
|
UBSAN: array-index-out-of-bounds in ieee80211_del_key
wireless
|
15 |
C |
done |
|
685 |
1942d |
1986d
|
15/29 |
1933d |
3dc289f8f139
net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key()
|
|
INFO: trying to register non-static key in del_timer_sync (2)
wireless
usb
|
-1 |
C |
|
|
1206 |
2465d |
2517d
|
15/29 |
1933d |
621a3a8b1c0e
mwifiex: don't call del_timer_sync() on uninitialized timer
|
|
KASAN: use-after-free Write in ath9k_htc_rx_msg
wireless
|
22 |
C |
|
|
93 |
2091d |
2168d
|
15/29 |
2055d |
e4ff08a4d727
ath9k: Fix use-after-free Write in ath9k_htc_rx_msg
|
|
KASAN: stack-out-of-bounds Write in ath9k_hif_usb_rx_cb
wireless
|
21 |
C |
|
|
57 |
2091d |
2164d
|
15/29 |
2055d |
19d6c375d671
ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb
|
|
KASAN: use-after-free Read in htc_connect_service
wireless
|
19 |
C |
|
|
41041 |
2090d |
2168d
|
15/29 |
2055d |
ced21a4c726b
ath9k: Fix use-after-free Read in htc_connect_service
|
|
general protection fault in cfg80211_dev_rename
wireless
|
2 |
|
|
|
1 |
2125d |
2120d
|
15/29 |
2055d |
0bbab5f03015
cfg80211: fix debugfs rename crash
|
|
KASAN: use-after-free Read in ath9k_wmi_ctrl_rx
wireless
|
19 |
C |
|
|
1 |
2168d |
2167d
|
15/29 |
2055d |
abeaa85054ff
ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx
|
|
general protection fault in ath9k_hif_usb_rx_cb
wireless
|
2 |
C |
|
|
913 |
2055d |
2168d
|
15/29 |
2055d |
2bbcaaee1fcb
ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb
|
|
WARNING in hwsim_new_radio_nl
wireless
|
-1 |
C |
done |
|
3 |
2150d |
2153d
|
15/29 |
2084d |
7ea862048317
mac80211_hwsim: Use kstrndup() in place of kasprintf()
|
|
WARNING in set_precision (2)
wireless
|
-1 |
C |
done |
|
117 |
2146d |
2244d
|
15/29 |
2084d |
7ea862048317
mac80211_hwsim: Use kstrndup() in place of kasprintf()
|
|
BUG: unable to handle kernel NULL pointer dereference in cfg80211_wext_siwrts
wireless
|
10 |
|
|
|
3 |
2235d |
2244d
|
15/29 |
2205d |
24953de0a5e3
cfg80211: check for set_wiphy_params
|
|
KASAN: use-after-free Read in rsi_rx_done_handler
wireless
|
19 |
|
|
|
8 |
2244d |
2373d
|
15/29 |
2205d |
e93cd35101b6
rsi: fix use-after-free on failed probe and unbind
|
|
BUG: unable to handle kernel NULL pointer dereference in cfg80211_wext_siwfrag
wireless
|
10 |
C |
done |
|
8 |
2235d |
2247d
|
15/29 |
2205d |
24953de0a5e3
cfg80211: check for set_wiphy_params
|
|
WARNING: ODEBUG bug in rsi_probe
usb
wireless
|
-1 |
C |
|
|
10487 |
2219d |
2515d
|
15/29 |
2205d |
92aafe77123a
rsi: fix use-after-free on probe errors
|
|
KASAN: invalid-free in rsi_91x_deinit
usb
wireless
|
24 |
C |
|
|
109 |
2359d |
2506d
|
13/29 |
2287d |
8b51dc729147
rsi: fix a double free bug in rsi_91x_deinit()
|
|
general protection fault in ath6kl_usb_alloc_urb_from_pipe
usb
wireless
|
2 |
C |
|
|
1160 |
2357d |
2517d
|
13/29 |
2331d |
39d170b3cb62
ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()
|
|
WARNING in zd_mac_clear
usb
wireless
|
-1 |
C |
|
|
13194 |
2357d |
2517d
|
13/29 |
2331d |
7a2eb7367fde
zd1211rw: remove false assertion from zd_mac_clear()
|
|
INFO: trying to register non-static key in rtl_c2hcmd_launcher
usb
wireless
|
-1 |
C |
|
|
48950 |
2409d |
2517d
|
12/29 |
2402d |
6c0ed66f1a5b
rtlwifi: rtl8192cu: fix error handle when usb probe failed
|
|
KASAN: use-after-free Read in p54u_load_firmware_cb
wireless
usb
|
19 |
syz |
|
|
40 |
2410d |
2493d
|
12/29 |
2402d |
6e41e2257f10
p54usb: Fix race between disconnect and firmware loading
|
|
WARNING in wiphy_register (4)
wireless
|
-1 |
syz |
error |
|
3 |
2516d |
2545d
|
12/29 |
2472d |
45fcef8b727b
mac80211_hwsim: calculate if_combination.max_interfaces
|
|
general protection fault in ieee80211_debugfs_rename_netdev
wireless
|
2 |
|
|
|
8 |
2501d |
2515d
|
12/29 |
2472d |
517879147493
mac80211: don't attempt to rename ERR_PTR() debugfs dirs
|
|
KASAN: global-out-of-bounds Read in validate_nla
wireless
|
17 |
C |
|
|
14 |
2590d |
2595d
|
11/29 |
2554d |
a8b5c6d69261
nl80211: fix NLA_POLICY_NESTED() arguments
|
|
WARNING in wiphy_register (3)
wireless
|
-1 |
syz |
|
|
31 |
2590d |
2621d
|
11/29 |
2554d |
9c5d3afac436
mac80211_hwsim: check that n_limits makes sense
|
|
WARNING in wiphy_register (2)
wireless
|
-1 |
C |
|
|
8 |
2755d |
2757d
|
10/29 |
2731d |
484004339d45
mac80211_hwsim: require at least one channel
|
|
WARNING in add_uevent_var
wireless
|
-1 |
C |
|
|
5 |
2893d |
2892d
|
5/29 |
2847d |
a7cfebcb7594
cfg80211: limit wiphy names to 128 bytes
|
|
KASAN: use-after-free Read in mac80211_hwsim_del_radio
wireless
|
19 |
|
|
|
11 |
2895d |
2924d
|
5/29 |
2856d |
8cfd36a0b53a
mac80211_hwsim: fix use-after-free bug in hwsim_exit_net
|
|
WARNING in check_flush_dependency
wireless
|
-1 |
C |
|
|
2205 |
2929d |
2961d
|
4/29 |
2927d |
ce162bfbc0b6
mac80211_hwsim: don't use WQ_MEM_RECLAIM
|
|
WARNING in wiphy_register
wireless
|
-1 |
C |
|
|
15 |
2969d |
2971d
|
4/29 |
2962d |
51a1aaa631c9
mac80211_hwsim: validate number of different channels
|
|
WARNING in rfkill_alloc
wireless
|
-1 |
C |
|
|
6 |
2969d |
2971d
|
4/29 |
2962d |
59b179b48ce2
cfg80211: check dev_set_name() return value
|