|
KASAN: null-ptr-deref Write in sys_io_uring_register
mm
|
12 |
C |
done |
|
15 |
524d |
531d
|
1/29 |
never |
xarray-extract-helper-from-__xa_insertcmpxchg-fix
|
|
general protection fault in rwsem_mark_wake
mm
prio:high
|
2 |
C |
error |
|
9235 |
60d |
63d
|
28/29 |
never |
68bcd8b6e0b1
locking/rwsem: Fix logic error in rwsem_del_waiter()
|
|
WARNING in vma_merge
mm
|
-1 |
C |
done |
|
18115 |
904d |
1483d
|
1/29 |
never |
mm/mlock: use maple state in apply_mlockall_flags()
|
|
KASAN: use-after-free Read in __vma_adjust
mm
|
19 |
C |
done |
|
10 |
1381d |
1437d
|
1/29 |
never |
fs/userfaultfd: fix vma iteration in mas_for_each() loop
|
|
general protection fault in vma_interval_tree_remove
mm
|
10 |
C |
done |
|
14 |
720d |
1478d
|
1/29 |
never |
mm/mmap: fix advanced maple tree API for mmap_region()
mm/mmap: qvoid dereferencing next on null in BUG_ON()
|
|
KASAN: slab-use-after-free Read in mremap
mm
|
19 |
C |
done |
|
122 |
273d |
277d
|
2/29 |
never |
mm/mremap: do not incorrectly reference invalid VMA in VM_WARN_ON_ONCE()
|
|
WARNING in folio_add_new_anon_rmap
mm
|
-1 |
C |
error |
|
14 |
66d |
65d
|
2/29 |
never |
userfaultfd-introduce-struct-mfill_state-fix
|
|
WARNING: suspicious RCU usage in mas_walk (3)
mm
|
4 |
C |
done |
|
12 |
938d |
952d
|
1/29 |
never |
mempolicy: migration attempt to match interleave nodes: fix
|
|
KASAN: slab-use-after-free Read in do_sync_mmap_readahead
mm
prio:high
|
19 |
C |
done |
|
3 |
332d |
335d
|
2/29 |
never |
mm-filemap-allow-arch-to-request-folio-size-for-exec-memory-fix
|
|
kernel BUG in swap_cgroup_record (2)
mm
cgroups
prio:high
|
-1 |
C |
error |
|
227 |
126d |
130d
|
2/29 |
never |
mm/swap_cgroup: fix kernel BUG in swap_cgroup_record
|
|
KASAN: slab-use-after-free Read in finish_fault
mm
|
19 |
C |
done |
|
8 |
703d |
705d
|
1/29 |
never |
mm-memory-extend-finish_fault-to-support-large-folio-fix
|
|
kernel BUG in free_bprm
fs
mm
|
-1 |
C |
done |
|
445 |
559d |
560d
|
1/29 |
never |
exec: NULL out bprm->argv0 when it is an ERR_PTR
|
|
WARNING in page_add_anon_rmap
mm
|
-1 |
C |
done |
|
1041 |
973d |
975d
|
1/29 |
never |
mm-rmap-simplify-pageanonexclusive-sanity-checks-when-adding-anon-rmap-fix
|
|
general protection fault in vma_is_shmem
mm
io-uring
|
2 |
C |
error |
|
28 |
1366d |
1367d
|
1/29 |
never |
mm/gup.c: Fix return value for __gup_longterm_locked()
|
|
kernel BUG in resv_map_release (3)
mm
|
-1 |
C |
inconclusive |
error |
35 |
45d |
553d
|
28/29 |
never |
0217c7fb4de4
mm/userfaultfd: fix hugetlb fault mutex hash calculation
|
|
kernel BUG in mfill_atomic_copy
mm
|
-1 |
C |
error |
|
3 |
1044d |
1041d
|
1/29 |
never |
mm: userfaultfd: check for start + len overflow in validate_range: fix
|
|
general protection fault in shmem_mapping
mm
|
2 |
C |
done |
|
17 |
457d |
459d
|
1/29 |
never |
mm/huge_memory: do not drop the original folio during truncate
|
|
BUG: unable to handle kernel paging request in alloc_huge_page
mm
|
8 |
C |
unreliable |
|
491 |
1740d |
1739d
|
1/29 |
never |
mm/hugetlb: Initialize page to NULL in alloc_buddy_huge_page_with_mpol()
|
|
KASAN: slab-use-after-free Read in move_pages_pte
mm
|
19 |
C |
done |
|
3 |
530d |
528d
|
1/29 |
never |
mm: pgtable: make ptlock be freed by RCU
|
|
kernel BUG in vma_replace_policy
mm
|
-1 |
C |
done |
|
6 |
978d |
987d
|
1/29 |
never |
mm: lock VMAs skipped by a failed queue_pages_range()
|
|
WARNING in folio_memcg
mm
prio:low
|
-1 |
C |
done |
|
3851 |
155d |
638d
|
1/29 |
never |
mm: kmem: fix split_page_memcg()
|
|
WARNING in page_counter_uncharge (2)
mm
cgroups
|
-1 |
C |
error |
|
7 |
17d |
52d
|
2/29 |
never |
mm/hugetlb: fix hugetlb cgroup rsvd charge/uncharge mismatch
|
|
KASAN: slab-use-after-free Read in madvise_collapse
mm
|
19 |
C |
error |
|
5 |
1031d |
1031d
|
1/29 |
never |
mm/khugepaged: collapse_pte_mapped_thp() with mmap_read_lock(): fix
|
|
INFO: task hung in bchfs_fpunch (2)
fs
mm
|
1 |
C |
done |
|
2 |
285d |
329d
|
2/29 |
never |
bcachefs: Fix readahead involved deadlock
|
|
kernel BUG in collapse_file (3)
mm
|
-1 |
C |
done |
|
14 |
1031d |
1037d
|
1/29 |
never |
mm/khugepaged: collapse_pte_mapped_thp() with mmap_read_lock(): fix
|
|
WARNING in deferred_split_folio
mm
|
-1 |
syz |
error |
|
4 |
49d |
48d
|
28/29 |
never |
3bac01168982
mm: fix deferred split queue races during migration
|
|
WARNING in handle_userfault
mm
|
-1 |
C |
error |
|
71 |
1042d |
1049d
|
1/29 |
never |
mm: fix a lockdep issue in vma_assert_write_locked
|
|
WARNING in vma_mark_detached
prio:high
mm
|
-1 |
C |
error |
|
8 |
6d18h |
29d
|
16/29 |
never |
619eab23e1ce
mm/vma: do not try to unmap a VMA if mmap_prepare() invoked from mmap()
|
|
KASAN: slab-use-after-free Read in handle_mm_fault
mm
|
19 |
C |
done |
|
107 |
670d |
672d
|
1/29 |
never |
mm: check for VM_DROPPABLE in vma prior to handling mm fault
|
|
possible deadlock in collapse_file
mm
|
4 |
C |
done |
|
189 |
1171d |
1172d
|
1/29 |
never |
mm/khugepaged: fix vm_lock/i_mmap_rwsem inversion in retract_page_tables
|
|
INFO: task hung in remove_inode_hugepages
fs
mm
|
1 |
C |
done |
|
52 |
588d |
680d
|
1/29 |
never |
INFO: task hung in remove_inode_hugepages
|
|
KASAN: slab-out-of-bounds Read in shrink_folio_list
mm
|
19 |
C |
|
|
683 |
1045d |
1045d
|
1/29 |
never |
mm: call folio_mapping() inside folio_needs_release()
|
|
possible deadlock in gup_fast_fallback (2)
mm
|
4 |
C |
|
|
21 |
15d |
103d
|
29/29 |
13d |
b5cbacd7f86f
procfs: avoid fetching build ID while holding VMA lock
|
|
WARNING in folio_remove_rmap_ptes
mm
|
-1 |
C |
|
|
1 |
135d |
147d
|
29/29 |
13d |
61f67c230a5e
mm/vma: fix anon_vma UAF on mremap() faulted, unfaulted merge
|
|
INFO: rcu detected stall in purge_vmap_node
mm
|
1 |
C |
error |
|
2 |
131d |
127d
|
29/29 |
13d |
5747435e0fd4
mm/vmalloc: prevent RCU stalls in kasan_release_vmalloc_node
|
|
INFO: task hung in __rmap_walk_file
mm
|
1 |
C |
error |
|
7 |
131d |
221d
|
29/29 |
13d |
b7880cb166ab
migrate: correct lock ordering for hugetlb file folios
|
|
WARNING in blkdev_common_ioctl
mm
|
-1 |
C |
|
|
5 |
161d |
159d
|
29/29 |
118d |
a58383fa45c7
block: add allocation size check in blkdev_pr_read_keys()
|
|
WARNING in memory_failure
mm
|
-1 |
C |
|
|
4 |
216d |
238d
|
29/29 |
132d |
77008e1b2ef7
mm/huge_memory: do not change split_huge_page*() target order silently
|
|
WARNING: refcount bug in __vma_enter_locked
mm
|
13 |
C |
done |
|
27 |
168d |
176d
|
29/29 |
132d |
faf3c923523e
mm: fix vma_start_write_killable() signal handling
|
|
KMSAN: kernel-infoleak in hugetlbfs_read_iter
fs
mm
|
9 |
C |
|
|
7 |
191d |
190d
|
29/29 |
132d |
de8798965fd0
mm/memfd: fix information leak in hugetlb folios
|
|
WARNING in raw_ioctl
usb
mm
|
-1 |
C |
|
|
664 |
163d |
207d
|
29/29 |
132d |
a5160af78be7
usb: raw-gadget: cap raw_io transfer length to KMALLOC_MAX_SIZE
|
|
WARNING in hugetlb_vma_assert_locked
mm
|
-1 |
C |
|
|
8 |
236d |
238d
|
29/29 |
181d |
cec944dd329f
hugetlbfs: move lock assertions after early returns in huge_pmd_unshare()
dd83609b8898
hugetlbfs: skip VMAs without shareable locks in hugetlb_vmdelete_list
|
|
WARNING in xfs_init_fs_context
mm
|
-1 |
syz |
|
|
21 |
220d |
324d
|
29/29 |
182d |
0f41997b1b2b
xfs: don't use __GFP_NOFAIL in xfs_init_fs_context
|
|
general protection fault in unpin_user_pages_dirty_lock
mm
|
2 |
C |
|
|
4 |
254d |
254d
|
29/29 |
201d |
e3c05b6e370c
mm/gup: remove record_subpages()
|
|
WARNING in ext4_init_orphan_info
ext4
mm
|
-1 |
C |
done |
|
5 |
228d |
253d
|
29/29 |
202d |
0a6ce20c1564
ext4: verify orphan file size is not too big
|
|
WARNING: bad unlock balance in copy_process
mm
|
4 |
C |
|
|
304 |
228d |
353d
|
29/29 |
202d |
4ec3c15462b9
futex: Use correct exit on failure from futex_hash_allocate_default()
|
|
INFO: task hung in v9fs_file_fsync
fs
mm
|
1 |
C |
done |
|
14 |
234d |
274d
|
29/29 |
202d |
e8fe3f07a357
9p/trans_fd: p9_fd_request: kick rx thread if EPOLLIN
|
|
WARNING in max_vclocks_store
mm
net
|
-1 |
C |
|
|
3 |
262d |
498d
|
29/29 |
202d |
e9f35294e18d
ptp: Add a upper bound on max_vclocks
|
|
WARNING in nfsd_file_cache_init
mm
|
-1 |
C |
error |
|
4 |
226d |
224d
|
29/29 |
202d |
f7dfa0f31b13
slub: Don't call lockdep_unregister_key() for immature kmem_cache.
|
|
WARNING in try_to_migrate_one (3)
mm
|
-1 |
C |
done |
done |
6 |
260d |
283d
|
29/29 |
216d |
cf1b80dc31a1
mm: pass page directly instead of using folio_page
|
|
BUG: unable to handle kernel paging request in move_pages
mm
|
8 |
C |
|
|
4 |
292d |
306d
|
29/29 |
223d |
aba6faec0103
userfaultfd: fix a crash in UFFDIO_MOVE when PMD is a migration entry
|
|
WARNING in move_page_tables
mm
|
-1 |
C |
|
|
3 |
280d |
280d
|
29/29 |
223d |
772e5b4a5e83
mm/mremap: fix WARN with uffd that has remap events disabled
|
|
WARNING in follow_page_pte
input
usb
mm
|
-1 |
C |
done |
|
6 |
287d |
286d
|
29/29 |
223d |
cf1b80dc31a1
mm: pass page directly instead of using folio_page
|
|
WARNING in path_noexec
mm
fs
|
-1 |
C |
done |
|
14318 |
231d |
316d
|
29/29 |
231d |
secretmem: use SB_I_NOEXEC
|
|
WARNING in move_to_new_folio (2)
gfs2
mm
|
-1 |
C |
error |
|
398 |
295d |
315d
|
29/29 |
253d |
5c8f12cf1e64
gfs2: Set .migrate_folio in gfs2_{rgrp,meta}_aops
|
|
kernel BUG in try_to_unmap_one (2)
mm
|
-1 |
C |
|
|
7 |
324d |
348d
|
29/29 |
257d |
9f1e8cd0b7c4
mm/vmscan: fix hwpoisoned large folio handling in shrink_folio_list
|
|
kernel BUG in sanity_check_pinned_pages
mm
|
-1 |
C |
|
|
3 |
332d |
350d
|
29/29 |
257d |
5afb4bf9fc62
io_uring/rsrc: fix folio unpinning
|
|
possible deadlock in upgrade_mmap_lock_carefully (2)
ntfs3
mm
|
4 |
C |
error |
|
6 |
327d |
345d
|
29/29 |
257d |
a49f0abd8959
Revert "fs/ntfs3: Replace inode_trylock with inode_lock"
|
|
kernel BUG in alloc_hugetlb_folio_reserve
mm
|
-1 |
C |
done |
|
98 |
311d |
500d
|
29/29 |
257d |
c39b87456411
mm/hugetlb: don't crash when allocating a folio if there are no resv
|
|
WARNING in comedi_unlocked_ioctl
comedi
mm
|
-1 |
C |
|
|
262 |
303d |
319d
|
29/29 |
257d |
08ae4b20f5e8
comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large
|
|
BUG: Bad rss-counter state (5)
mm
|
-1 |
C |
done |
|
2365 |
310d |
736d
|
29/29 |
285d |
43e027e41423
mm: memory: extend finish_fault() to support large folio
|
|
WARNING in vma_modify
mm
|
-1 |
C |
done |
|
21 |
339d |
347d
|
29/29 |
286d |
0cf4b1687a18
mm/vma: reset VMA iterator on commit_merge() OOM failure
|
|
WARNING in move_to_new_folio
mm
|
-1 |
C |
done |
|
1366 |
316d |
402d
|
29/29 |
316d |
906d7ce3b59d
jfs: implement migrate_folio for jfs_metapage_aops
|
|
WARNING: locking bug in __set_page_owner
mm
|
4 |
C |
error |
inconclusive |
179425 |
470d |
562d
|
29/29 |
319d |
d40797d6720e
kasan: make kasan_record_aux_stack_noalloc() the default behaviour
|
|
general protection fault in lock_vma_under_rcu
mm
|
2 |
syz |
done |
|
3 |
449d |
448d
|
28/29 |
342d |
f35ab95ca0af
mm: replace vm_lock and detached flag with a reference count
|
|
general protection fault in sys_mremap
mm
|
2 |
C |
|
|
35 |
410d |
413d
|
28/29 |
342d |
36eed5400805
mm/mremap: do not set vrm->vma NULL immediately prior to checking it
|
|
KMSAN: uninit-value in __alloc_frozen_pages_noprof
mm
|
7 |
C |
|
|
6 |
439d |
452d
|
28/29 |
343d |
8fe9ed44dc29
mm/page_alloc: fix uninitialized variable
|
|
possible deadlock in efivarfs_actor
mm
|
4 |
C |
|
|
8 |
420d |
437d
|
28/29 |
343d |
dec1277875a5
efivarfs: use I_MUTEX_CHILD nested lock to traverse variables on resume
|
|
BUG: unable to handle kernel paging request in vma_merge_existing_range
mm
|
8 |
C |
done |
|
8 |
398d |
425d
|
28/29 |
343d |
41e6ddcaa0f1
mm/vma: add give_up_on_oom option on modify/merge, use in uffd release
|
|
BUG: sleeping function called from invalid context in folio_mc_copy
mm
|
5 |
C |
done |
|
5415 |
386d |
418d
|
28/29 |
343d |
2d900efff915
mm/migrate: fix sleep in atomic for large folios and buffer heads
|
|
possible deadlock in zswap_store
mm
|
4 |
C |
inconclusive |
|
24203 |
449d |
499d
|
28/29 |
378d |
4dff389c9f1d
Revert "mm: zswap: fix race between [de]compression and CPU hotunplug"
|
|
general protection fault in account_kernel_stack (3)
mm
|
2 |
C |
|
|
7 |
503d |
518d
|
28/29 |
378d |
4db3d750ac7e
nvmet: Don't overflow subsysnqn
|
|
WARNING in lock_list_lru_of_memcg
mm
|
-1 |
syz |
|
|
2 |
459d |
522d
|
28/29 |
378d |
62e72d2cf702
mm, madvise: fix potential workingset node list_lru leaks
|
|
general protection fault in do_migrate_pages
mm
|
2 |
C |
|
|
2 |
528d |
546d
|
28/29 |
378d |
091c1dd2d4df
mm/mempolicy: fix migrate_to_node() assuming there is at least one VMA in a MM
|
|
kernel BUG in const_folio_flags (2)
fs
mm
|
-1 |
syz |
|
|
3 |
482d |
542d
|
28/29 |
378d |
3203b3ab0fcf
mm/filemap: don't call folio_test_locked() without a reference in next_uptodate_folio()
|
|
KASAN: slab-use-after-free Read in __mmap_region
mm
|
19 |
C |
|
|
7 |
491d |
529d
|
28/29 |
378d |
42c4e4b20d9c
mm: correctly reference merged VMA
|
|
BUG: stack guard page was hit in sys_open
mm
v9fs
|
-1 |
C |
|
|
11 |
518d |
554d
|
28/29 |
378d |
4acb665cf4f3
netfs: Work around recursion by abandoning retry if nothing read
|
|
general protection fault in vsscanf (2)
mm
|
2 |
C |
|
|
11 |
514d |
520d
|
28/29 |
378d |
d3ac65d274b3
mm: huge_memory: handle strsep not finding delimiter
|
|
KASAN: out-of-bounds Read in copy_from_kernel_nofault
mm
|
17 |
C |
done |
|
1628 |
420d |
596d
|
28/29 |
378d |
e4137f08816b
mm, kasan, kmsan: instrument copy_from/to_kernel_nofault
|
|
WARNING: locking bug in __rmqueue_pcplist
mm
|
4 |
C |
|
|
11148 |
469d |
562d
|
28/29 |
378d |
d40797d6720e
kasan: make kasan_record_aux_stack_noalloc() the default behaviour
|
|
possible deadlock in page_cache_ra_unbounded
mm
fs
|
4 |
C |
error |
done |
163 |
485d |
1245d
|
28/29 |
440d |
6f861765464f
fs: Block writes to mounted block devices
|
|
general protection fault in swap_reclaim_full_clusters
mm
|
2 |
C |
|
|
1530 |
552d |
560d
|
28/29 |
519d |
dcf32ea7eced
mm: swapfile: fix cluster reclaim work crash on rotational devices
|
|
possible deadlock in lock_mm_and_find_vma (2)
mm
|
4 |
C |
|
|
6626 |
555d |
627d
|
28/29 |
551d |
58a039e679fe
mm: split critical region in remap_file_pages() and invoke LSMs in between
|
|
WARNING in copy_huge_pmd
mm
|
-1 |
C |
done |
|
361 |
586d |
603d
|
28/29 |
553d |
47fa30118f02
mm/huge_memory: check pmd_special() only after pmd_present()
|
|
memory leak in corrupted (2)
mm
exfat
|
3 |
syz |
|
|
432 |
612d |
778d
|
28/29 |
574d |
c290fe508eee
exfat: resolve memory leak from exfat_create_upcase_table()
|
|
possible deadlock in __mmap_lock_do_trace_start_locking
mm
|
4 |
C |
done |
done |
30 |
660d |
754d
|
27/29 |
629d |
7d6be67cfdd4
mm: mmap_lock: replace get_memcg_path_buf() with on-stack buffer
|
|
BUG: unable to handle kernel paging request in list_lru_add
mm
|
10 |
C |
done |
done |
11367 |
676d |
988d
|
27/29 |
629d |
aacd897d4d75
Revert "bcachefs: Mark bch_inode_info as SLAB_ACCOUNT"
|
|
possible deadlock in __mmap_lock_do_trace_released
mm
|
4 |
C |
done |
done |
5 |
669d |
686d
|
27/29 |
638d |
7d6be67cfdd4
mm: mmap_lock: replace get_memcg_path_buf() with on-stack buffer
|
|
KASAN: slab-use-after-free Read in lru_add_fn
nilfs
mm
|
19 |
C |
inconclusive |
|
68 |
692d |
740d
|
27/29 |
643d |
49ae997f8f0d
nilfs2: add missing check for inode numbers on directory entries
nilfs2: add missing check for inode numbers on directory entries
|
|
BUG: corrupted list in __folio_undo_large_rmappable
mm
|
8 |
C |
error |
|
36 |
678d |
678d
|
27/29 |
643d |
1390a3334a48
mm/hugetlb: fix kernel NULL pointer dereference when migrating hugetlb folio
|
|
inconsistent lock state in valid_state (3)
mm
|
4 |
C |
error |
|
376 |
655d |
704d
|
27/29 |
644d |
7d6be67cfdd4
mm: mmap_lock: replace get_memcg_path_buf() with on-stack buffer
|
|
possible deadlock in try_to_wake_up (5)
mm
|
4 |
C |
|
|
88 |
646d |
719d
|
27/29 |
644d |
7d6be67cfdd4
mm: mmap_lock: replace get_memcg_path_buf() with on-stack buffer
|
|
general protection fault in dequeue_hugetlb_folio_nodemask (2)
mm
|
2 |
C |
done |
|
14 |
701d |
707d
|
27/29 |
644d |
09a533622842
mm/hugetlb: guard dequeue_hugetlb_folio_nodemask against NUMA_NO_NODE uses
|
|
BUG: sleeping function called from invalid context in vma_alloc_folio_noprof
mm
|
5 |
C |
done |
|
1 |
674d |
673d
|
27/29 |
644d |
280e36f0d5b9
nsfs: use cleanup guard
|
|
UBSAN: shift-out-of-bounds in try_to_shrink_lruvec
mm
|
-1 |
C |
done |
|
4 |
720d |
721d
|
27/29 |
644d |
462966dc7d70
mm: vmscan: reset sc->priority on retry
|
|
WARNING in unmap_page_range (3)
mm
|
-1 |
C |
|
|
169 |
782d |
791d
|
26/29 |
669d |
f8572367eaff
mm/memory: fix missing pte marker for !page on pte zaps
|
|
INFO: rcu detected stall in sys_wait4 (4)
mm
|
1 |
C |
done |
done |
2 |
735d |
768d
|
26/29 |
677d |
fb66df20a720
net/sched: taprio: extend minimum interval restriction to entire cycle too
|
|
kernel BUG in __vma_reservation_common
mm
|
-1 |
C |
error |
|
8 |
710d |
743d
|
26/29 |
679d |
8daf9c702ee7
mm/hugetlb: do not call vma_add_reservation upon ENOMEM
|
|
KMSAN: uninit-value in virtqueue_add (4)
mm
|
7 |
C |
|
|
203184 |
707d |
869d
|
25/29 |
707d |
61b258b0d2f6
x86: call instrumentation hooks from copy_mc.c
|
|
WARNING in __page_table_check_ptes_set
mm
|
-1 |
C |
|
|
2 |
762d |
758d
|
25/29 |
713d |
c88033efe9a3
mm/userfaultfd: reset ptes when close() for wr-protected ones
|
|
WARNING in __mod_memcg_lruvec_state
cgroups
mm
|
-1 |
C |
|
|
270 |
742d |
777d
|
25/29 |
713d |
4f687281012e
mm: do not update memcg stats for NR_{FILE/SHMEM}_PMDMAPPED
|
|
possible deadlock in move_pages
mm
|
4 |
C |
|
|
206 |
783d |
791d
|
25/29 |
727d |
30af24facf0a
userfaultfd: fix deadlock warning when locking src and dst VMAs
|
|
KASAN: slab-use-after-free Read in __vma_reservation_common
mm
|
19 |
syz |
|
|
13 |
753d |
767d
|
25/29 |
727d |
37641efaa3fa
hugetlb: check for anon_vma prior to folio allocation
|
|
WARNING: refcount bug in __reset_page_owner
mm
|
13 |
C |
|
|
93128 |
760d |
791d
|
25/29 |
727d |
f5c12105c15f
mm,page_owner: fix refcount imbalance
|
|
BUG: unable to handle kernel paging request in copy_from_kernel_nofault (2)
mm
|
8 |
C |
|
|
2 |
767d |
777d
|
25/29 |
727d |
c6f48506ba30
arm32, bpf: Reimplement sign-extension mov instruction
|
|
WARNING in __hugetlb_cgroup_uncharge_folio
mm
|
-1 |
syz |
|
|
3 |
756d |
765d
|
25/29 |
727d |
b76b46902c2d
mm/hugetlb: fix missing hugetlb_lock for resv uncharge
|
|
kernel BUG in sg_init_one
mm
|
-1 |
C |
|
|
1032 |
782d |
792d
|
25/29 |
727d |
9c500835f279
mm: zswap: fix kernel BUG in sg_init_one
|
|
WARNING in hugetlb_change_protection (2)
mm
|
-1 |
C |
|
|
631 |
747d |
774d
|
25/29 |
727d |
c5977c95dff1
mm/userfaultfd: allow hugetlb change protection upon poison entry
|
|
BUG: bad usercopy in raw_getsockopt
mm
hardening
|
-1 |
C |
done |
|
4 |
819d |
819d
|
25/29 |
769d |
c8fba5d6df5e
can: raw: fix getsockopt() for new CAN_RAW_XL_VCID_OPTS
|
|
BUG: unable to handle kernel paging request in copy_from_kernel_nofault
mm
|
8 |
C |
done |
|
5 |
813d |
912d
|
25/29 |
782d |
32019c659ecf
x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault()
|
|
kernel BUG in move_pages
mm
|
-1 |
C |
done |
|
2 |
863d |
859d
|
25/29 |
840d |
5d4747a6cc8e
userfaultfd: avoid huge_zero_page in UFFDIO_MOVE
|
|
WARNING in get_pte_pfn
mm
io-uring
|
-1 |
C |
error |
|
2 |
869d |
879d
|
25/29 |
840d |
c28ac3c7eb94
mm/mglru: skip special VMAs in lru_gen_look_around()
|
|
WARNING in __folio_rmap_sanity_checks
mm
|
-1 |
C |
done |
|
168 |
863d |
867d
|
25/29 |
840d |
9c5938694cd0
mm/rmap: silence VM_WARN_ON_FOLIO() in __folio_rmap_sanity_checks()
|
|
KMSAN: uninit-value in shrinker_alloc
mm
|
7 |
syz |
|
|
2 |
890d |
868d
|
25/29 |
840d |
7fba9420b726
mm: shrinker: use kvzalloc_node() from expand_one_shrinker_info()
|
|
general protection fault in hugetlb_vma_lock_write
mm
|
2 |
C |
done |
|
110 |
893d |
933d
|
25/29 |
850d |
187da0f8250a
hugetlb: fix null-ptr-deref in hugetlb_vma_lock_write
|
|
WARNING in unmap_page_range (2)
mm
|
-1 |
C |
done |
|
2112 |
890d |
916d
|
25/29 |
850d |
4980e837cab7
mm/pagemap: fix wr-protect even if PM_SCAN_WP_MATCHING not set
|
|
BUG: unable to handle kernel paging request in __pte_offset_map_lock
mm
|
8 |
C |
|
|
2 |
926d |
936d
|
25/29 |
850d |
9aa1345d66b8
mm: fix oops when filemap_map_pmd() without prealloc_pte
|
|
WARNING in page_copy_sane
fs
mm
|
-1 |
C |
done |
|
3 |
978d |
975d
|
25/29 |
881d |
a08c7193e4f1
mm/filemap: remove hugetlb special casing in filemap.c
|
|
BUG: Bad page map (7)
mm
|
-1 |
C |
done |
|
19 |
961d |
983d
|
25/29 |
881d |
ce60f27bb62d
mm: abstract moving to the next PFN
|
|
WARNING in try_grab_page
xfs
mm
|
-1 |
C |
|
|
48 |
966d |
1051d
|
23/29 |
950d |
f443fd5af5db
crypto, cifs: fix error handling in extract_iter_to_sg()
|
|
possible deadlock in shmem_uncharge (2)
mm
|
4 |
C |
done |
|
29 |
1038d |
1036d
|
23/29 |
950d |
509f006932de
shmem: fix quota lock nesting in huge hole handling
|
|
KASAN: slab-out-of-bounds Read in mt_validate_nulls
mm
|
17 |
C |
error |
done |
15 |
1050d |
1049d
|
23/29 |
950d |
ae80b4041984
mm: validate the mm before dropping the mmap lock
|
|
kernel BUG in validate_mm (2)
mm
|
-1 |
C |
unreliable |
done |
217 |
1050d |
1049d
|
23/29 |
950d |
ae80b4041984
mm: validate the mm before dropping the mmap lock
|
|
WARNING in __gup_longterm_locked
mm
|
-1 |
C |
error |
|
90 |
1049d |
1050d
|
23/29 |
950d |
6cd06ab12d1a
gup: make the stack expansion warning a bit more targeted
|
|
inconsistent lock state in lru_gen_rotate_memcg
mm
|
4 |
C |
|
|
61 |
1054d |
1065d
|
23/29 |
964d |
814bc1de03ea
mm/mglru: make memcg_lru->lock irq safe
|
|
kernel BUG in page_table_check_clear
mm
|
-1 |
C |
error |
|
17 |
1078d |
1111d
|
22/29 |
1053d |
44d0fb387b53
mm: page_table_check: Ensure user pages are not slab pages
0143d148d1e8
usb: usbfs: Enforce page requirements for mmap
|
|
kernel BUG in find_mergeable_anon_vma
mm
|
-1 |
C |
error |
|
4 |
1172d |
1168d
|
22/29 |
1076d |
3dd443254941
mm: enable maple tree RCU mode by default
|
|
KASAN: null-ptr-deref Read in filemap_fault
mm
udf
|
11 |
C |
done |
|
112 |
1104d |
1117d
|
22/29 |
1076d |
38a55db9877c
filemap: Handle error return from __filemap_get_folio()
|
|
KMSAN: uninit-value in ondemand_readahead
fs
mm
|
7 |
C |
|
|
221 |
1174d |
1337d
|
22/29 |
1076d |
3e35102666f8
fs/cramfs/inode.c: initialize file_ra_state
|
|
KMSAN: kernel-infoleak in _copy_to_iter (8)
mm
|
21 |
C |
|
|
21180 |
1076d |
1170d
|
22/29 |
1076d |
8222d5910dae
xfrm: Zero padding when dumping algos and encap
|
|
WARNING in split_huge_page_to_list (2)
mm
|
-1 |
C |
error |
|
2334 |
1101d |
1365d
|
22/29 |
1076d |
4737edbbdd49
mm/huge_memory.c: warn with pr_warn_ratelimited instead of VM_WARN_ON_ONCE_FOLIO
|
|
KASAN: slab-use-after-free Read in mas_next_entry
mm
|
19 |
syz |
error |
|
3 |
1138d |
1141d
|
22/29 |
1076d |
f4e9e0e69468
mm/mempolicy: fix use-after-free of VMA iterator
|
|
kernel BUG in hpage_collapse_scan_file
mm
|
-1 |
C |
unreliable |
|
3 |
1128d |
1166d
|
22/29 |
1076d |
2ce0bdfebc74
mm: khugepaged: fix kernel BUG in hpage_collapse_scan_file()
|
|
WARNING in mbind_range
mm
|
-1 |
C |
error |
|
3 |
1226d |
1226d
|
22/29 |
1076d |
17dc622c7b0f
maple_tree: fix mas_prev() and mas_find() state handling
|
|
BUG: bad usercopy in con_font_op
hardening
mm
|
-1 |
C |
done |
|
1 |
1173d |
1173d
|
22/29 |
1076d |
18365ebf23f3
tty: vt: protect KD_FONT_OP_GET_TALL from unbound access
|
|
BUG: bad usercopy in put_cmsg
hardening
mm
|
-1 |
C |
|
|
3 |
1191d |
1192d
|
22/29 |
1076d |
2558b8039d05
net: use a bounce buffer for copying skb->mark
|
|
INFO: task hung in write_cache_pages (2)
mm
fs
|
1 |
C |
done |
|
36 |
1104d |
1175d
|
22/29 |
1076d |
fb3592c41a44
migrate_pages: fix deadlock in batched migration
|
|
WARNING: CPU: NUM PID: NUM at mm/page_alloc.c:LINE get_page_from_freeli
mm
erofs
|
-1 |
C |
error |
|
1 |
1248d |
1244d
|
22/29 |
1076d |
12724ba38992
erofs: fix kvcalloc() misuse with __GFP_NOFAIL
|
|
memory leak in prctl
mm
|
3 |
C |
|
|
1 |
1250d |
1246d
|
22/29 |
1076d |
a1193de562f5
mm: fix vma->anon_name memory leak for anonymous shmem VMAs
|
|
BUG: sleeping function called from invalid context in folio_copy
mm
|
5 |
C |
unreliable |
|
271 |
1761d |
1759d
|
22/29 |
1133d |
715cbfd6c5c5
mm/migrate: Add folio_migrate_copy()
|
|
WARNING in alloc_charge_hpage
mm
|
-1 |
C |
error |
|
112 |
1229d |
1299d
|
22/29 |
1180d |
e031ff96b334
mm: khugepaged: allow page allocation fallback to eligible nodes
dec1d352de5c
mm: replace VM_WARN_ON to pr_warn if the node is offline with __GFP_THISNODE
|
|
KASAN: use-after-free Read in mas_next_nentry
fs
mm
|
19 |
C |
error |
done |
343 |
1289d |
1483d
|
22/29 |
1180d |
59f2f4b8a757
fs/userfaultfd: Fix maple tree iterator in userfaultfd_unregister()
|
|
general protection fault in list_lru_add
mm
|
8 |
C |
done |
|
1125 |
1229d |
1518d
|
22/29 |
1180d |
ae085d7f9365
mm: kfence: fix missing objcg housekeeping for SLAB
|
|
WARNING in change_protection
mm
|
-1 |
C |
unreliable |
|
13 |
1322d |
1327d
|
22/29 |
1180d |
515778e2d790
mm/uffd: fix warning without PTE_MARKER_UFFD_WP compiled in
|
|
KASAN: use-after-free Read in unregister_shrinker (2)
mm
|
19 |
C |
error |
|
3799 |
1292d |
1336d
|
22/29 |
1180d |
bd86c69dae65
NFSD: unregister shrinker when nfsd_init_net() fails
|
|
KMSAN: uninit-value in mpol_rebind_mm (2)
mm
|
7 |
C |
|
|
11 |
1434d |
1558d
|
22/29 |
1180d |
018160ad314d
mm/mempolicy: fix uninit-value in mpol_rebind_policy()
|
|
kernel BUG in __filemap_get_folio
mm
|
-1 |
C |
done |
|
814 |
1319d |
1490d
|
22/29 |
1180d |
63b1898fffcd
XArray: Disallow sibling entries of nodes
|
|
KMSAN: uninit-value in mpol_rebind_task (2)
mm
|
7 |
C |
|
|
7 |
1436d |
1596d
|
22/29 |
1180d |
018160ad314d
mm/mempolicy: fix uninit-value in mpol_rebind_policy()
|
|
WARNING: locking bug in hugetlb_no_page
mm
|
4 |
C |
|
|
1 |
1284d |
1284d
|
22/29 |
1180d |
04ada095dcfc
hugetlb: don't delete vma_lock in hugetlb MADV_DONTNEED processing
|
|
KASAN: slab-out-of-bounds Read in __fscache_acquire_volume
fs
mm
|
17 |
C |
done |
done |
1 |
1359d |
1359d
|
22/29 |
1180d |
9f0933ac026f
fscache: fix OOB Read in __fscache_acquire_volume
|
|
BUG: sleeping function called from invalid context in break_ksm
mm
|
5 |
C |
|
|
9 |
1307d |
1307d
|
22/29 |
1180d |
d7c0e68dab98
mm/ksm: convert break_ksm() to use walk_page_range_vma()
|
|
general protection fault in hugetlbfs_parse_param
mm
|
2 |
C |
|
|
5 |
1296d |
1307d
|
22/29 |
1180d |
26215b7ee923
hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param()
|
|
memory leak in xas_nomem
mm
|
3 |
C |
|
|
1 |
1457d |
1453d
|
22/29 |
1180d |
69a37a8ba1b4
mm/huge_memory: Fix xarray node memory leak
|
|
WARNING in find_vma
mm
|
-1 |
C |
done |
|
2616 |
1357d |
1380d
|
22/29 |
1180d |
d6f35446d076
binder_alloc: Add missing mmap_lock calls when using the VMA
44e602b4e52f
binder_alloc: add missing mmap_lock calls when using the VMA
|
|
WARNING in erofs_iget
erofs
mm
|
-1 |
C |
|
|
6 |
1301d |
1351d
|
22/29 |
1180d |
1dd73601a1cb
erofs: fix order >= MAX_ORDER warning due to crafted negative i_size
|
|
WARNING in nsim_map_alloc_elem
mm
|
-1 |
C |
error |
|
7 |
1375d |
1395d
|
22/29 |
1180d |
d0b80a9edb1a
netdevsim: Avoid allocation warnings triggered from user space
|
|
BUG: unable to handle kernel paging request in truncate_inode_partial_folio
fs
mm
|
8 |
C |
error |
|
4 |
1382d |
1421d
|
22/29 |
1180d |
84ac013046cc
secretmem: fix unhandled fault in truncate
|
|
WARNING in hugetlb_wp
mm
|
-1 |
C |
error |
|
3 |
1292d |
1298d
|
22/29 |
1180d |
f347454d0341
mm/gup: disallow FOLL_FORCE|FOLL_WRITE on hugetlb mappings
|
|
WARNING in register_shrinker_prepared
f2fs
mm
|
-1 |
C |
error |
|
64 |
1442d |
1443d
|
22/29 |
1180d |
5035ebc644ae
mm: shrinkers: introduce debugfs interface for memory shrinkers
|
|
WARNING in __split_huge_page_tail
arch
mm
io-uring
|
-1 |
C |
error |
|
155 |
1229d |
1301d
|
22/29 |
1180d |
5aae9265ee1a
mm: prep_compound_tail() clear page->private
|
|
KASAN: use-after-free Read in register_shrinker_prepared (2)
mm
|
19 |
C |
done |
|
1145 |
1293d |
1330d
|
22/29 |
1180d |
bd86c69dae65
NFSD: unregister shrinker when nfsd_init_net() fails
|
|
BUG: unable to handle kernel NULL pointer dereference in smack_inode_permission
lsm
mm
|
10 |
C |
|
|
1 |
1287d |
1283d
|
22/29 |
1180d |
578b565b240a
9p/fd: Fix write overflow in p9_read_work
|
|
KASAN: invalid-free in free_prealloced_shrinker
mm
|
24 |
C |
done |
|
3 |
1400d |
1399d
|
22/29 |
1180d |
14773bfa70e6
mm: shrinkers: fix double kfree on shrinker name
|
|
KASAN: use-after-free Read in hugetlb_fault
mm
|
22 |
C |
|
|
383 |
1209d |
1304d
|
22/29 |
1180d |
04ada095dcfc
hugetlb: don't delete vma_lock in hugetlb MADV_DONTNEED processing
|
|
general protection fault in end_page_writeback
mm
nilfs
|
2 |
C |
error |
done |
2 |
1279d |
1310d
|
22/29 |
1180d |
512c5ca01a36
nilfs2: fix nilfs_sufile_mark_dirty() not set segment usage as dirty
|
|
BUG: sleeping function called from invalid context in vm_area_dup
mm
|
5 |
C |
|
|
3 |
1307d |
1307d
|
22/29 |
1180d |
d7c0e68dab98
mm/ksm: convert break_ksm() to use walk_page_range_vma()
|
|
KASAN: use-after-free Read in hugetlb_handle_userfault
mm
|
19 |
C |
|
|
4 |
1325d |
1349d
|
22/29 |
1180d |
958f32ce832b
mm: hugetlb: fix UAF in hugetlb_handle_userfault
|
|
BUG: Bad page map (5)
mm
|
19 |
C |
|
|
35 |
1221d |
1479d
|
22/29 |
1180d |
4d24de9425f7
mm: MADV_COLLAPSE: refetch vm_end after reacquiring mmap_lock
|
|
KASAN: use-after-free Read in mas_next_entry
fs
mm
|
19 |
C |
error |
|
16 |
1291d |
1304d
|
22/29 |
1180d |
59f2f4b8a757
fs/userfaultfd: Fix maple tree iterator in userfaultfd_unregister()
|
|
WARNING in sco_sock_sendmsg
mm
|
-1 |
C |
inconclusive |
|
2 |
1721d |
1721d
|
22/29 |
1314d |
0771cbb3b97d
Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg
|
|
WARNING in page_counter_cancel (3)
mm
cgroups
|
-1 |
C |
done |
|
22 |
1590d |
1640d
|
20/29 |
1533d |
269bda9e7da4
mptcp: Check reclaim amount before reducing allocation
|
|
WARNING: refcount bug in sys_memfd_secret
mm
|
13 |
C |
done |
done |
4217 |
1667d |
1670d
|
20/29 |
1533d |
87066fdd2e30
Revert "mm/secretmem: use refcount_t instead of atomic_t"
|
|
KASAN: use-after-free Read in unmap_page_range (2)
mm
|
19 |
C |
unreliable |
|
4 |
1643d |
1661d
|
20/29 |
1533d |
337546e83fc7
mm/oom_kill.c: prevent a race between process_mrelease and exit_mmap
|
|
WARNING in page_counter_uncharge
cgroups
mm
|
-1 |
C |
done |
done |
2 |
1602d |
1602d
|
20/29 |
1533d |
269bda9e7da4
mptcp: Check reclaim amount before reducing allocation
|
|
WARNING in new_slab
mm
|
-1 |
C |
inconclusive |
|
2 |
1580d |
1611d
|
20/29 |
1533d |
c12837d1bb31
ref_tracker: use __GFP_NOFAIL more carefully
|
|
kernel BUG in find_lock_entries
mm
|
-1 |
C |
done |
|
10 |
1581d |
1744d
|
20/29 |
1533d |
d417b49fff3e
mm/filemap.c: remove bogus VM_BUG_ON
|
|
kernel BUG at mm/vmalloc.c:LINE! (2)
mm
|
-1 |
C |
done |
done |
6605 |
1728d |
2139d
|
20/29 |
1576d |
537cf4e3cc2f
xsk: Fix umem cleanup bug at socket destruct
|
|
possible deadlock in __fs_reclaim_acquire
mm
|
4 |
syz |
unreliable |
|
672 |
1769d |
1780d
|
20/29 |
1652d |
187ad460b841
mm/page_alloc: avoid page allocator recursion with pagesets.lock held
|
|
BUG: sleeping function called from invalid context in stack_depot_save
mm
|
5 |
C |
unreliable |
|
8490 |
1751d |
1780d
|
20/29 |
1652d |
187ad460b841
mm/page_alloc: avoid page allocator recursion with pagesets.lock held
|
|
general protection fault in try_grab_compound_head
io-uring
mm
|
7 |
C |
done |
|
5 |
1753d |
1781d
|
20/29 |
1652d |
d08af0a59684
mm/hugetlb: fix refs calculation from unaligned @vaddr
|
|
WARNING in do_proc_bulk
mm
|
-1 |
C |
inconclusive |
|
3 |
1842d |
1843d
|
20/29 |
1652d |
4f2629ea67e7
USB: usbfs: Don't WARN about excessively large memory allocations
|
|
KMSAN: kernel-infoleak in copy_page_to_iter (2)
fs
mm
|
9 |
C |
|
|
2099 |
1747d |
2805d
|
20/29 |
1652d |
ce3aba43599f
ext4: fix kernel infoleak via ext4_extent_header
|
|
WARNING in tcindex_alloc_perfect_hash
mm
|
-1 |
C |
inconclusive |
|
349 |
1781d |
1956d
|
20/29 |
1652d |
3f2db250099f
net: sched: fix warning in tcindex_alloc_perfect_hash
|
|
KASAN: use-after-free Read in check_all_holdout_tasks_trace
mm
|
19 |
syz |
done |
|
4 |
1754d |
1824d
|
20/29 |
1652d |
1d10bf55d85d
rcu-tasks: Don't delete holdouts within trc_inspect_reader()
|
|
kernel BUG in remove_inode_hugepages
fs
mm
|
-1 |
C |
unreliable |
|
3 |
1737d |
1737d
|
20/29 |
1652d |
c7b1850dfb41
hugetlb: don't pass page cache pages to restore_reserve_on_error
|
|
KASAN: out-of-bounds Read in kfence_guarded_free
kasan
mm
|
17 |
C |
error |
|
20 |
1962d |
1973d
|
20/29 |
1803d |
2b8305260fb3
kfence, kasan: make KFENCE compatible with KASAN
|
|
BUG: sleeping function called from invalid context in mm_access
mm
|
5 |
C |
done |
|
684 |
1950d |
1953d
|
20/29 |
1866d |
38e891849003
kbuild: lto: fix module versioning
|
|
WARNING in rds_rdma_extra_size
mm
|
-1 |
C |
done |
|
165 |
1932d |
1956d
|
19/29 |
1897d |
a11148e6fcce
net/rds: restrict iovecs length for RDS_CMSG_RDMA_ARGS
|
|
kernel BUG at include/linux/highmem.h:LINE!
mm
|
-1 |
C |
error |
|
32 |
2000d |
2005d
|
19/29 |
1897d |
0060ef3b4e6d
mm: support THPs in zero_user_segments
|
|
WARNING in squashfs_read_table
mm
squashfs
|
-1 |
C |
inconclusive |
|
50 |
1927d |
1956d
|
19/29 |
1897d |
506220d2ba21
squashfs: add more sanity checks in xattr id lookup
|
|
WARNING in bpf_prog_test_run_raw_tp
mm
|
-1 |
C |
done |
|
36 |
1945d |
1956d
|
19/29 |
1897d |
7ac6ad051150
bpf: Reject too big ctx_size_in for raw_tp test run
|
|
WARNING in qrtr_tun_write_iter
mm
|
-1 |
C |
error |
|
57 |
1924d |
1956d
|
19/29 |
1897d |
2a80c1581237
net/qrtr: restrict user-controlled length in qrtr_tun_write_iter()
|
|
possible deadlock in hugetlb_cow
mm
|
4 |
C |
unreliable |
|
341 |
1967d |
1990d
|
19/29 |
1897d |
e7dd91c456a8
mm/hugetlb: fix deadlock in hugetlb_cow error path
|
|
INFO: rcu detected stall in sys_exit_group (6)
mm
|
1 |
C |
|
|
4 |
2057d |
2063d
|
19/29 |
1897d |
c583bcb8f5ed
rcu: Don't invoke try_invoke_on_locked_down_task() with irqs disabled
|
|
general protection fault in unlink_file_vma
mm
|
2 |
C |
done |
|
1 |
2083d |
2079d
|
15/29 |
2010d |
bc4fe4cdd602
mm: mmap: Fix general protection fault in unlink_file_vma()
|
|
INFO: rcu detected stall in exit_group
mm
|
1 |
C |
done |
done |
1 |
2047d |
2077d
|
15/29 |
2010d |
1d0e850a49a5
afs: Fix cell removal
|
|
WARNING in wp_page_copy
mm
|
-1 |
syz |
done |
done |
9 |
2283d |
2360d
|
15/29 |
2010d |
c3e5ea6ee574
mm: avoid data corruption on CoW fault into PFN-mapped VMA
|
|
kernel panic: System is deadlocked on memory
mm
|
2 |
C |
done |
|
43 |
2136d |
2135d
|
15/29 |
2010d |
9066e5cfb73c
mm, oom: make the calculation of oom badness more accurate
|
|
general protection fault in madvise_cold_or_pageout_pte_range
mm
|
2 |
C |
done |
|
3 |
2063d |
2073d
|
15/29 |
2044d |
ce2684254bd4
mm: validate pmd after splitting
|
|
KASAN: use-after-free Read in do_madvise
io-uring
mm
|
19 |
syz |
error |
|
4 |
2096d |
2097d
|
15/29 |
2056d |
7867fd7cc44e
mm: madvise: fix vma user-after-free
|
|
kernel BUG at mm/khugepaged.c:LINE!
mm
|
-1 |
C |
done |
|
30 |
2098d |
2109d
|
15/29 |
2071d |
f3f99d63a815
khugepaged: adjust VM_BUG_ON_MM() in __khugepaged_enter()
|
|
possible deadlock in shmem_fallocate (4)
mm
|
4 |
C |
done |
|
81 |
2121d |
2336d
|
15/29 |
2071d |
3e338d3c95c7
staging: android: ashmem: Fix lockdep warning for write operation
|
|
general protection fault in khugepaged
mm
|
2 |
C |
done |
|
3 |
2128d |
2140d
|
15/29 |
2071d |
594cced14ad3
khugepaged: fix null-pointer dereference due to race
|
|
general protection fault in unpin_user_pages
mm
|
2 |
C |
done |
|
13 |
2190d |
2190d
|
15/29 |
2132d |
f78cdbd75a57
rds: fix crash in rds_info_getsockopt()
|
|
WARNING in __mmdrop
mm
|
-1 |
syz |
done |
|
14 |
2487d |
2497d
|
15/29 |
2151d |
3d2c7d370475
Revert "vhost: access vq metadata through kernel virtual address"
|
|
WARNING in __vm_enough_memory (2)
mm
|
-1 |
syz |
done |
|
6 |
2222d |
2225d
|
15/29 |
2161d |
dadbd85f2afc
mm: Fix MREMAP_DONTUNMAP accounting on VMA merge
|
|
possible deadlock in shmem_mfill_atomic_pte
mm
|
4 |
C |
done |
|
82 |
2189d |
2240d
|
15/29 |
2161d |
94b7cc01da5a
mm: shmem: disable interrupt when acquiring info->lock in userfaultfd_copy path
|
|
possible deadlock in shmem_uncharge
mm
|
4 |
C |
done |
|
101 |
2190d |
2228d
|
15/29 |
2161d |
ea0dfeb4209b
shmem: fix possible deadlocks on shmlock_user_lock
|
|
WARNING: bad unlock balance in __get_user_pages_remote
mm
|
4 |
C |
done |
|
15 |
2233d |
2233d
|
15/29 |
2200d |
c7b6a566b985
mm/gup: Mark lock taken only after a successful retake
|
|
KASAN: stack-out-of-bounds Write in mpol_to_str
mm
|
21 |
C |
done |
|
23 |
2242d |
2246d
|
15/29 |
2200d |
aa9f7d5172fa
mm: mempolicy: require at least one nodeid for MPOL_PREFERRED
|
|
BUG: unable to handle kernel paging request in kernel_get_mempolicy
mm
|
8 |
C |
done |
|
1 |
2237d |
2234d
|
15/29 |
2200d |
ba841078cd05
mm/mempolicy: Allow lookup_node() to handle fatal signal
|
|
KASAN: slab-out-of-bounds Write in mpol_parse_str
mm
|
21 |
C |
done |
|
3 |
2320d |
2317d
|
15/29 |
2282d |
c7a91bc7c2e1
mm/mempolicy.c: fix out of bounds write in mpol_parse_str()
|
|
general protection fault in memcg_flush_percpu_vmstats
mm
cgroups
|
2 |
C |
error |
|
19 |
2392d |
2456d
|
14/29 |
2363d |
7961eee39784
mm: memcontrol: fix NULL-ptr deref in percpu stats flush
|
|
KASAN: slab-out-of-bounds Write in validate_chain
hardening
mm
|
21 |
syz |
done |
|
6 |
2509d |
2524d
|
12/29 |
2457d |
95fa145479fb
bpf: sockmap/tls, close can race with map free
|
|
KASAN: slab-out-of-bounds Read in corrupted (2)
hardening
mm
|
17 |
syz |
done |
|
3 |
2489d |
2539d
|
12/29 |
2457d |
95fa145479fb
bpf: sockmap/tls, close can race with map free
|
|
KASAN: use-after-free Read in corrupted (3)
mm
|
19 |
syz |
done |
|
1 |
2519d |
2519d
|
12/29 |
2457d |
95fa145479fb
bpf: sockmap/tls, close can race with map free
|
|
WARNING in cgroup_rstat_updated
cgroups
mm
|
-1 |
syz |
done |
|
1 |
2478d |
2478d
|
12/29 |
2457d |
95fa145479fb
bpf: sockmap/tls, close can race with map free
|
|
KASAN: use-after-free Read in unregister_shrinker
mm
|
19 |
syz |
done |
|
3 |
2535d |
2540d
|
12/29 |
2479d |
689d7ba4895b
nfsd: fix cleanup of nfsd_reply_cache_init on failure
|
|
memory leak in __memcg_init_list_lru_node
mm
|
3 |
C |
|
|
3 |
2535d |
2549d
|
12/29 |
2505d |
3510955b3271
mm/list_lru.c: fix memory leak in __memcg_init_list_lru_node
|
|
general protection fault in load_elf_binary
fs
mm
|
2 |
C |
done |
|
15 |
2604d |
2608d
|
12/29 |
2531d |
cc338010a233
fs/binfmt_elf.c: free PT_INTERP filename ASAP
|
|
WARNING: locking bug in copy_process
mm
|
4 |
C |
done |
|
3 |
2564d |
2567d
|
12/29 |
2531d |
c3b7112df86b
fork: do not release lock that wasn't taken
|
|
KASAN: use-after-free Read in get_mem_cgroup_from_mm
mm
cgroups
|
19 |
C |
done |
|
375 |
2577d |
2751d
|
12/29 |
2531d |
c3f3ce049f7d
userfaultfd: use RCU to free the task struct when fork fails
|
|
BUG: bad usercopy in __check_heap_object (3)
mm
hardening
|
-1 |
C |
|
|
287 |
2803d |
2874d
|
12/29 |
2534d |
1f4aace60b0e
fs/seq_file.c: simplify seq_file iteration code and interface
|
|
kernel panic: corrupted stack end in wb_workfn
mm
|
2 |
C |
done |
|
14 |
2696d |
2697d
|
12/29 |
2596d |
ef82bcfa671b
sctp: use memdup_user instead of vmemdup_user
|
|
WARNING: bad usercopy in fanotify_read
hardening
mm
|
-1 |
C |
done |
|
5 |
2625d |
2626d
|
11/29 |
2605d |
b2d22b6bb33a
fanotify: Allow copying of file handle to userspace
|
|
KASAN: use-after-free Read in filemap_fault
mm
fs
|
19 |
C |
|
|
277 |
2689d |
2699d
|
11/29 |
2605d |
6b4c9f446981
filemap: drop the mmap_sem for all blocking operations
|
|
possible deadlock in shmem_fallocate (2)
mm
|
4 |
C |
|
|
1325 |
2631d |
2839d
|
11/29 |
2609d |
fb4415a12632
staging: android: ashmem: Don't call fallocate() with ashmem_mutex held.
|
|
possible deadlock in __do_page_fault
fs
mm
|
4 |
C |
|
|
820 |
2631d |
2798d
|
11/29 |
2609d |
fb4415a12632
staging: android: ashmem: Don't call fallocate() with ashmem_mutex held.
|
|
kernel BUG at mm/slab.c:LINE! (3)
mm
|
-1 |
C |
done |
|
14 |
2616d |
2743d
|
11/29 |
2616d |
bc6e019b6ee6
fou: Prevent unbounded recursion in GUE error handler also with UDP-Lite
|
|
KASAN: stack-out-of-bounds in do_raw_spin_lock
hardening
mm
|
17 |
C |
|
|
1 |
2691d |
2691d
|
11/29 |
2631d |
44039e00171b
fou6: Prevent unbounded recursion in GUE error handler
|
|
KASAN: out-of-bounds Read in update_curr
hardening
mm
|
17 |
syz |
|
|
1 |
2691d |
2691d
|
11/29 |
2631d |
44039e00171b
fou6: Prevent unbounded recursion in GUE error handler
|
|
general protection fault in list_lru_count_one
mm
|
2 |
C |
|
|
12 |
2864d |
2863d
|
11/29 |
2671d |
8e04944f0ea8
mm,vmscan: Allow preallocating memory for register_shrinker().
|
|
general protection fault in transparent_hugepage_enabled
mm
|
2 |
C |
|
|
626 |
2694d |
2703d
|
11/29 |
2681d |
7635d9cbe832
mm, thp, proc: report THP eligibility for each vma
|
|
WARNING in userfaultfd_ioctl
mm
fs
|
-1 |
C |
|
|
11 |
2714d |
2724d
|
11/29 |
2700d |
01e881f5a1fc
userfaultfd: check VM_MAYWRITE was set after verifying the uffd is registered
|
|
WARNING in alloc_pages_vma
mm
|
-1 |
C |
|
|
98 |
2718d |
2721d
|
11/29 |
2709d |
356ff8a9a78f
Revert "mm, thp: consolidate THP gfp handling into alloc_hugepage_direct_gfpmask"
|
|
WARNING in __put_task_struct (2)
mm
|
-1 |
C |
|
|
17 |
2771d |
2780d
|
11/29 |
2745d |
fe9bc1644918
RDMA/restrack: Protect from reentry to resource return path
|
|
kernel BUG at mm/shmem.c:LINE!
mm
|
-1 |
C |
|
|
30 |
2872d |
2874d
|
11/29 |
2745d |
552446a41661
shmem: Convert shmem_add_to_page_cache to XArray
|
|
WARNING in try_charge
xfs
cgroups
mm
|
-1 |
syz |
|
|
649 |
2792d |
2845d
|
10/29 |
2792d |
3100dab2aa09
mm: memcontrol: print proper OOM header when no eligible victim left
|
|
BUG: unable to handle kernel paging request in kfree (2)
mm
|
8 |
C |
|
|
297 |
2820d |
2871d
|
10/29 |
2794d |
7913690dcc5e
net/9p/client.c: version pointer uninitialized
|
|
WARNING: bad usercopy in __kvm_write_guest_page
hardening
mm
|
-1 |
C |
|
|
4 |
2922d |
2915d
|
8/29 |
2825d |
0a06d4256674
KVM: vmx: use local variable for current_vmptr when emulating VMPTRST
|
|
kernel BUG at fs/userfaultfd.c:LINE! (2)
fs
mm
|
-1 |
C |
|
|
8 |
2847d |
2865d
|
8/29 |
2841d |
31e810aa1033
userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails
|
|
kernel BUG at mm/slab.c:LINE! (2)
hardening
mm
|
-1 |
C |
|
|
701 |
2857d |
2871d
|
8/29 |
2842d |
6e6fddc78323
bpf: fix panic due to oob in bpf_prog_test_run_skb
|
|
kernel BUG at mm/gup.c:LINE!
mm
|
-1 |
syz |
|
|
4 |
2879d |
2877d
|
8/29 |
2856d |
24962af7e104
fs, elf: make sure to page align bss in load_elf_library
bb177a732c43
mm: do not bug_on on incorrect length in __mm_populate()
|
|
KASAN: use-after-free Read in corrupted
mm
|
19 |
C |
|
|
2 |
2926d |
2928d
|
8/29 |
2871d |
543b8f8662fe
fuse: don't keep dead fuse_conn at fuse_fill_super().
|
|
general protection fault in kernfs_kill_sb
mm
|
2 |
C |
|
|
29 |
2933d |
2970d
|
5/29 |
2933d |
8e04944f0ea8
mm,vmscan: Allow preallocating memory for register_shrinker().
|
|
general protection fault in __mem_cgroup_free
cgroups
mm
|
2 |
C |
|
|
22 |
2959d |
2971d
|
5/29 |
2933d |
4eaf431f6f71
memcg: fix per_node_info cleanup
|
|
WARNING: refcount bug in should_fail
mm
|
13 |
C |
|
|
3 |
2972d |
3003d
|
5/29 |
2933d |
8e04944f0ea8
mm,vmscan: Allow preallocating memory for register_shrinker().
|
|
possible deadlock in shmem_file_llseek
mm
|
4 |
C |
|
|
4432 |
2988d |
3051d
|
4/29 |
2979d |
cb57469c9573
staging: android: ashmem: Fix lockdep issue during llseek
|
|
possible deadlock in get_user_pages_unlocked
mm
|
4 |
C |
|
|
5 |
3006d |
3029d
|
4/29 |
2979d |
96312e61282a
mm/gup.c: teach get_user_pages_unlocked to handle FOLL_NOWAIT
|
|
kernel panic: Out of memory and no killable processes... (2)
mm
|
2 |
C |
|
|
1 |
3033d |
3033d
|
4/29 |
2979d |
0537250fdc6c
netfilter: x_tables: make allocation less aggressive
|
|
KASAN: use-after-free Read in __do_page_fault
mm
|
19 |
syz |
|
|
679 |
3112d |
3123d
|
4/29 |
3016d |
cb0631fd3cf9
x86/mm: fix use-after-free of vma during userfaultfd fault
|
|
WARNING in usercopy_warn
hardening
mm
|
-1 |
C |
|
|
171 |
3024d |
3042d
|
4/29 |
3018d |
79a8a642bf05
net: Whitelist the skbuff_head_cache "cb" field
|
|
WARNING in __check_heap_object
hardening
mm
|
-1 |
C |
|
|
5173 |
3043d |
3115d
|
4/29 |
3026d |
ab9ee8e38b29
sctp: Define usercopy region in SCTP proto slab cache
|
|
WARNING in __alloc_pages_slowpath
mm
|
-1 |
C |
|
|
9435 |
3029d |
3057d
|
4/29 |
3026d |
0c75f10312a3
staging: android: ion: Add __GFP_NOWARN for system contig heap
|
|
BUG: unable to handle kernel NULL pointer dereference in page_mapping
fs
mm
|
10 |
C |
|
|
4 |
3073d |
3075d
|
4/29 |
3029d |
7d11f77f84b2
RDS: null pointer dereference in rds_atomic_free_op
|
|
general protection fault in page_mapping
fs
mm
|
2 |
C |
|
|
46 |
3052d |
3080d
|
4/29 |
3029d |
7d11f77f84b2
RDS: null pointer dereference in rds_atomic_free_op
|
|
kernel BUG at fs/userfaultfd.c:LINE!
mm
fs
|
-1 |
C |
|
|
3 |
3073d |
3070d
|
4/29 |
3029d |
0cbb4b4f4c44
userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails
|
|
KASAN: use-after-free Read in handle_userfault
fs
mm
|
19 |
C |
|
|
151 |
3063d |
3126d
|
3/29 |
3051d |
0cbb4b4f4c44
userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails
|
|
WARNING in free_kthread_struct
mm
|
-1 |
C |
|
|
136405 |
3112d |
3115d
|
3/29 |
3095d |
e10237cc76ef
kthread: zero the kthread data structure
|