syzbot

 sign-in | mailing list | source | docs
🐞 Open [1509]
Subsystems
🐞 Fixed [6532]
🐞 Invalid [16674]
Missing Backports [203]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

bluetooth subsystem


List(s): linux-bluetooth@vger.kernel.org
Maintainer(s): luiz.dentz@gmail.com, marcel@holtmann.org
Fixed bugs: 91
Parent subsystem(s): kernel (80)
open (41):
Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Discussions
KASAN: slab-use-after-free Read in release_sock (2) bluetooth 19 1 9d21h 3d19h
WARNING in hci_devcd_register (2) bluetooth -1 3 18d 16d
WARNING: kobject bug in hci_disconnect_all_sync bluetooth -1 1 37d 33d
WARNING in l2cap_send_disconn_req (2) bluetooth -1 1 44d 40d
stack segment fault in kernfs_rename_ns bluetooth 2 9 12d 42d
KASAN: slab-use-after-free Read in hci_uart_write_work bluetooth 19 syz 2 35d 47d 💬 3 [40d]
KASAN: slab-use-after-free Read in btusb_disconnect usb bluetooth 19 C 5 17d 58d 💬 1 [57d]
KASAN: slab-out-of-bounds Write in enqueue_timer bluetooth 23 1 74d 69d
INFO: task hung in hci_conn_failed (4) bluetooth 1 syz 9 1d19h 81d
INFO: task hung in hci_remote_features_evt (2) bluetooth 1 syz error inconclusive 8 66d 116d
possible deadlock in l2cap_conn_del bluetooth 4 syz error 236 1d07h 152d
KASAN: wild-memory-access Read in l2cap_connect_cfm bluetooth 19 16 1d08h 166d
possible deadlock in l2cap_info_timeout bluetooth 4 36 18h32m 186d
general protection fault in bcsp_recv bluetooth 8 C error 786 31m 196d PATCH [19h32m]
general protection fault in h5_recv bluetooth 10 C done 1470 1h01m 202d 💬 1 [6d06h]
general protection fault in __timer_delete_sync bluetooth 2 C done 3 201d 204d 💬 1 [204d]
general protection fault in hci_devcd_register bluetooth 17 31 20d 233d
KASAN: slab-use-after-free Read in msft_opcode_get bluetooth 19 18 12d 247d
KASAN: slab-use-after-free Read in force_devcd_write bluetooth 19 C 446 34m 249d 💬 4 [6d06h]
WARNING: held lock freed in bt_accept_dequeue bluetooth 4 9 18d 256d
WARNING in hci_conn_timeout (2) bluetooth -1 C error 666 21h01m 256d
KMSAN: uninit-value in hci_cmd_complete_evt bluetooth 7 C 30 10d 288d
INFO: task hung in hci_cmd_sync_clear (3) bluetooth 1 syz done 16 5h02m 295d
KASAN: slab-use-after-free Read in l2cap_unregister_user bluetooth 24 C done 42633 1h24m 302d 💬 2 [18d]
BUG: corrupted list in hci_cmd_sync_dequeue_once bluetooth 8 106 3h57m 314d
KASAN: slab-use-after-free Read in bt_accept_unlink bluetooth 19 80 10h06m 314d
KASAN: slab-use-after-free Read in l2cap_sock_new_connection_cb bluetooth 19 57 4d03h 314d
KASAN: slab-use-after-free Read in l2cap_sock_ready_cb (2) bluetooth 19 56 1d14h 334d
BUG: corrupted list in _hci_cmd_sync_cancel_entry bluetooth 8 syz error 34 6d15h 338d 💬 1 [66d]
WARNING: ODEBUG bug in hci_release_dev (2) bluetooth -1 C error 351 3d21h 403d
BUG: sleeping function called from invalid context in lock_sock_nested (3) bluetooth 19 C inconclusive error 152 5d16h 475d 💬 2 [34d]
possible deadlock in mgmt_remove_adv_monitor_complete bluetooth 4 C unreliable done 39 105d 485d
KASAN: slab-use-after-free Read in l2cap_recv_frame bluetooth 19 C inconclusive inconclusive 139 53d 491d 💬 2 [195d]
WARNING in hci_recv_frame bluetooth -1 C error 83 3d09h 492d 💬 1 [103d]
WARNING in l2cap_chan_send bluetooth -1 45 10d 504d
KASAN: slab-use-after-free Read in __hci_req_sync bluetooth 19 C error error 3383 382d 511d 💬 2 [416d]
WARNING in l2cap_chan_del bluetooth -1 291 14h54m 532d
general protection fault in lock_sock_nested bluetooth 19 C done done 3275 3h36m 720d
WARNING in call_timer_fn bluetooth -1 C unreliable 7249 15h25m 1019d 💬 8 [6d06h]
general protection fault in l2cap_chan_timeout (3) bluetooth 19 C inconclusive inconclusive 54 1d11h 1297d
general protection fault in skb_release_data (2) net bluetooth 24 C done error 703 152d 1817d
moderation (5):
Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Discussions
KASAN: slab-use-after-free Read in full_proxy_write (2) bluetooth 19 3 6d05h 5d01h
general protection fault in skb_queue_tail (4) bluetooth 2 1 13d 9d00h
KASAN: slab-use-after-free Read in force_suspend_read (2) bluetooth 19 1 13d 9d11h
KASAN: slab-use-after-free Read in l2cap_disconn_ind (2) bluetooth 19 3 1d18h 31d
KASAN: slab-use-after-free Read in skb_dequeue bluetooth 19 2 4d16h 85d