|
possible deadlock in serial8250_handle_irq
hams
|
4 |
C |
|
|
180 |
54d |
855d
|
29/29 |
24d |
38b04ed7072e
6pack: drop redundant locking and refcounting
|
|
general protection fault in rose_rt_ioctl
hams
|
2 |
C |
|
|
64 |
87d |
87d
|
29/29 |
45d |
1cc8a5b534e5
net: rose: fix a typo in rose_clear_routes()
|
|
KASAN: slab-use-after-free Read in rose_timer_expiry (3)
hams
|
19 |
|
|
|
6059 |
80d |
187d
|
29/29 |
45d |
da9c9c877597
net: rose: include node references in rose_neigh refcount
|
|
KASAN: slab-use-after-free Read in rose_get_neigh
hams
|
19 |
C |
error |
|
1449 |
138d |
530d
|
29/29 |
79d |
34a500caf48c
rose: fix dangling neighbour pointers in rose_rt_device_down()
|
|
WARNING: refcount bug in ax25_release (3)
hams
|
13 |
C |
done |
|
5256 |
240d |
545d
|
28/29 |
165d |
bca0902e6173
ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt
2f6efbabceb6
ax25: Remove broken autobind
|
|
BUG: soft lockup in rose_loopback_timer
hams
|
1 |
C |
|
|
1 |
296d |
292d
|
28/29 |
165d |
a1300691aed9
net: rose: lock the socket in rose_bind()
|
|
KASAN: slab-use-after-free Read in rose_timer_expiry (2)
hams
|
19 |
|
|
|
158 |
193d |
317d
|
28/29 |
192d |
5de7665e0a07
net: rose: fix timer races against user threads
|
|
possible deadlock in ax25_setsockopt
hams
|
4 |
|
|
|
2 |
319d |
326d
|
28/29 |
198d |
95fc45d1dea8
ax25: rcu protect dev->ax25_ptr
|
|
kernel BUG in nr_header
hams
|
-1 |
|
|
|
2 |
366d |
353d
|
28/29 |
200d |
a6d75ecee2bf
net: lapb: increase LAPB_HEADER_LEN
|
|
memory leak in nr_create (3)
hams
|
3 |
C |
|
|
9 |
703d |
893d
|
26/29 |
501d |
0b9130247f3b
netrom: Fix a memory leak in nr_heartbeat_expiry()
|
|
possible deadlock in nr_rt_ioctl
hams
|
4 |
C |
inconclusive |
|
8 |
539d |
567d
|
25/29 |
533d |
e03e7f20ebf7
netrom: fix possible dead-lock in nr_rt_ioctl()
|
|
WARNING: refcount bug in ax25_release (2)
hams
|
13 |
C |
|
|
240 |
549d |
614d
|
25/29 |
549d |
467324bcfe1a
ax25: Fix netdev refcount issue
|
|
WARNING in rose_device_event
hams
|
-1 |
|
|
|
1 |
710d |
710d
|
25/29 |
670d |
64b8bc7d5f14
net/rose: fix races in rose_kill_by_device()
|
|
general protection fault in prepare_to_wait (2)
hams
|
8 |
syz |
inconclusive |
|
4 |
789d |
827d
|
23/29 |
772d |
c2f8fd794960
netrom: Deny concurrent connect().
|
|
KASAN: use-after-free Write in nr_release
hams
|
24 |
C |
done |
error |
1784 |
912d |
2186d
|
22/29 |
898d |
611792920925
netrom: Fix use-after-free caused by accept on already connected socket
|
|
WARNING: refcount bug in nr_release (4)
hams
|
13 |
C |
|
|
24 |
1013d |
1318d
|
22/29 |
898d |
409db27e3a2e
netrom: Fix use-after-free of a listening socket.
|
|
KASAN: use-after-free Read in do_accept
hams
|
19 |
|
|
|
1 |
1044d |
1040d
|
22/29 |
898d |
409db27e3a2e
netrom: Fix use-after-free of a listening socket.
|
|
memory leak in nr_create (2)
hams
|
3 |
C |
|
|
11 |
969d |
1028d
|
22/29 |
898d |
611792920925
netrom: Fix use-after-free caused by accept on already connected socket
|
|
general protection fault in ax25_send_frame (2)
hams
|
10 |
|
|
|
13 |
1114d |
1100d
|
22/29 |
1002d |
e97c089d7a49
rose: Fix NULL pointer dereference in rose_send_frame()
|
|
general protection fault in rose_send_frame (2)
hams
|
2 |
|
|
|
7 |
1116d |
1141d
|
22/29 |
1002d |
e97c089d7a49
rose: Fix NULL pointer dereference in rose_send_frame()
|
|
KASAN: use-after-free Read in sixpack_close
hams
|
19 |
C |
done |
|
879 |
1464d |
1469d
|
20/29 |
1355d |
81b1d548d00b
hamradio: remove needs_free_netdev to avoid UAF
|
|
memory leak in nr_create
hams
|
3 |
C |
|
|
250 |
1586d |
2371d
|
20/29 |
1474d |
517a16b1a88b
netrom: Decrease sock refcount when sock timers expire
|
|
KASAN: slab-out-of-bounds Write in decode_data
hams
|
23 |
C |
done |
error |
7 |
2024d |
2180d
|
20/29 |
1474d |
19d1532a1876
net: 6pack: fix slab-out-of-bounds in decode_data
|
|
KMSAN: uninit-value in ax25_connect
hams
|
7 |
C |
|
|
15 |
1901d |
2034d
|
15/29 |
1893d |
2f2a7ffad5c6
AX.25: Fix out-of-bounds read in ax25_connect()
|
|
KMSAN: uninit-value in __dev_get_by_name
hams
|
7 |
C |
|
|
2 |
2016d |
2016d
|
15/29 |
1954d |
687775cec056
ax25: fix setsockopt(SO_BINDTODEVICE)
|
|
WARNING: held lock freed! (2)
hams
|
-1 |
C |
done |
|
1 |
2333d |
2329d
|
12/29 |
2279d |
4638faac0327
netrom: hold sock when setting skb->destructor
|
|
KASAN: use-after-free Read in release_sock
hams
|
19 |
C |
done |
|
10 |
2302d |
2312d
|
12/29 |
2279d |
4638faac0327
netrom: hold sock when setting skb->destructor
|
|
KASAN: use-after-free Read in nr_release
hams
|
19 |
C |
done |
|
25 |
2281d |
2360d
|
12/29 |
2279d |
4638faac0327
netrom: hold sock when setting skb->destructor
|
|
KASAN: use-after-free Read in nr_insert_socket
hams
|
19 |
C |
done |
|
22 |
2303d |
2319d
|
12/29 |
2279d |
4638faac0327
netrom: hold sock when setting skb->destructor
|
|
KASAN: use-after-free Read in nr_rx_frame (2)
hams
|
19 |
C |
done |
|
3 |
2307d |
2315d
|
12/29 |
2279d |
4638faac0327
netrom: hold sock when setting skb->destructor
|
|
memory leak in nr_rx_frame
hams
|
3 |
C |
|
|
5 |
2308d |
2371d
|
12/29 |
2301d |
c8c8218ec5af
netrom: fix a memory leak in nr_rx_frame()
|
|
inconsistent lock state in ax25_destroy_timer
hams
|
4 |
|
|
|
2 |
2351d |
2352d
|
12/29 |
2327d |
d4d5d8e83c96
ax25: fix inconsistent lock state in ax25_destroy_timer
|
|
inconsistent lock state in ax25_rt_autobind
hams
|
4 |
|
|
|
2 |
2351d |
2351d
|
12/29 |
2327d |
d4d5d8e83c96
ax25: fix inconsistent lock state in ax25_destroy_timer
|
|
INFO: rcu detected stall in rose_loopback_timer
hams
|
1 |
|
|
|
5 |
2386d |
2405d
|
12/29 |
2371d |
0453c6824595
net/rose: fix unbound loop in rose_loopback_timer()
|
|
KASAN: stack-out-of-bounds Write in rose_write_internal
hams
|
23 |
|
|
|
1 |
2445d |
2445d
|
12/29 |
2418d |
e5dcc0c3223c
net: rose: fix a possible stack overflow
|
|
general protection fault in ax25cmp
hams
|
2 |
C |
|
|
2294 |
2489d |
2521d
|
11/29 |
2454d |
b0cf029234f9
net/rose: fix NULL ax25_cb kernel panic
|
|
KASAN: use-after-free Read in refcount_inc_not_zero_checked
hams
|
19 |
syz |
|
|
24 |
2457d |
2516d
|
11/29 |
2454d |
63346650c1a9
netrom: switch to sock timer API
|
|
KASAN: use-after-free Read in kmemdup
hams
|
19 |
|
|
|
1 |
2500d |
2500d
|
11/29 |
2454d |
63530aba7826
ax25: fix possible use-after-free
|
|
WARNING: refcount bug in nr_release
hams
|
13 |
|
|
|
1 |
2513d |
2511d
|
11/29 |
2454d |
63346650c1a9
netrom: switch to sock timer API
|
|
inconsistent lock state in nr_find_socket
hams
|
4 |
C |
|
|
19 |
2505d |
2520d
|
11/29 |
2503d |
7314f5480f3e
netrom: fix locking in nr_find_socket()
|
|
kernel BUG at kernel/time/timer.c:LINE! (2)
hams
|
-1 |
C |
|
|
5 |
2515d |
2517d
|
11/29 |
2503d |
202700e30740
net/hamradio/6pack: use mod_timer() to rearm timers
|
|
KASAN: use-after-free Read in nr_rx_frame
hams
|
19 |
syz |
|
|
2 |
2510d |
2516d
|
11/29 |
2503d |
7314f5480f3e
netrom: fix locking in nr_find_socket()
|
|
possible deadlock in nr_destroy_socket
hams
|
4 |
syz |
|
|
20 |
2506d |
2516d
|
11/29 |
2503d |
7314f5480f3e
netrom: fix locking in nr_find_socket()
|
|
KASAN: use-after-free Read in ax25_fillin_cb
hams
|
19 |
syz |
|
|
4 |
2524d |
2521d
|
11/29 |
2503d |
c433570458e4
ax25: fix a use-after-free in ax25_fillin_cb()
|