-
Notifications
You must be signed in to change notification settings - Fork 63
KMSAN Trophies
-
strlen()called on non-terminated string inbind()forAF_PACKET- Status: fixed upstream
-
too short socket address passed to
selinux_socket_bind()- Status: reported upstream
-
uninitialized
msg.msg_flagsinrecvfromsyscall- Status: fixed upstream
-
incorrect input length validation in
nl_fib_input()- Status: fixed upstream by Eric Dumazet
-
uninitialized
sockc.tsflagsinudpv6_sendmsg()- Status: fixed upstream
-
incorrect input length validation in
packet_getsockopt()- Status: fixed upstream
-
incorrect input length validation in
raw_send_hdrinc()andrawv6_send_hdrinc()- Status: fixed upstream
-
missing check of
nlmsg_parse()return value inrtnl_fdb_dump()- Status: fixed upstream
-
Linux kernel 2.6.0 to 4.12-rc4 infoleak due to a data race in ALSA timer (CVE-2017-1000380)
-
strlen()incorrectly called on user-supplied memory indev_set_alias()- Status: fixed upstream
-
waitid()copies uninitialized data to userspace (CVE-2017-14954)- Status: fixed upstream by Al Viro
-
local infoleak via an
SG_GET_REQUEST_TABLEioctl call for/dev/sg0(CVE-2017-14991)- Status: fixed upstream
-
Uninitialized TCP request hash used in
cookie_v[46]_check()- Status: fixed upstream
-
_sctp_walk_params() and _sctp_walk_errors() dereference uninitialized pointers- Status: fixed upstream
-
sctp_v6_to_addr()compared addresses to uninit data- Status: fixed upstream
-
tun_get_user()accesses uninitialized data ifskb->lenis0- Status: fixed upstream
-
sctp_inet6_skb_msgname()leaks 4 bytes to the userspace- Status: fixed upstream by Eric W. Biederman
-
Use of uninitialized memory in
inet_ehash_insert()- Status: fixed upstream by Eric Dumazet
-
Buffer overflow in
verify_address_len()- Status: fixed upstream by Eric Biggers