Skip to content

[ciqlts9_4] Multiple patches tested (6 commits)#1329

Merged
roxanan1996 merged 6 commits into
ciqlts9_4from
{ciq_kernel_automation}_ciqlts9_4
Jun 11, 2026
Merged

[ciqlts9_4] Multiple patches tested (6 commits)#1329
roxanan1996 merged 6 commits into
ciqlts9_4from
{ciq_kernel_automation}_ciqlts9_4

Conversation

@ciq-kernel-automation

Copy link
Copy Markdown

Summary

This PR has been automatically created after successful completion of all CI stages.

Commit Message(s)

crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id

jira VULN-171987
cve CVE-2025-68724
commit-author Thorsten Blum <thorsten.blum@linux.dev>
commit df0845cf447ae1556c3440b8b155de0926cbaa56
scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()

jira VULN-176437
cve CVE-2026-23216
commit-author Maurizio Lombardi <mlombard@redhat.com>
commit 9411a89e9e7135cc459178fa77a3f1d6191ae903
ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()

jira VULN-183738
cve CVE-2026-43038
commit-author Eric Dumazet <edumazet@google.com>
commit 86ab3e55673a7a49a841838776f1ab18d23a67b5
ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

jira VULN-183732
cve CVE-2026-43037
commit-author Eric Dumazet <edumazet@google.com>
commit 2edfa31769a4add828a7e604b21cb82aaaa05925
wifi: brcmfmac: validate bsscfg indices in IF events

jira VULN-185621
cve CVE-2026-43110
commit-author Pengpeng Hou <pengpeng@iscas.ac.cn>
commit 304950a467d83678bd0b0f46331882e2ac23b12d
netfilter: ip6t_eui64: reject invalid MAC header for all packets

jira VULN-183037
cve CVE-2026-31685
commit-author Zhengchuan Liang <zcliangcn@gmail.com>
commit fdce0b3590f724540795b874b4c8850c90e6b0a8

Test Results

✅ Build Stage

Architecture Build Time Total Time
x86_64 28m 14s 29m 5s
aarch64 15m 33s 16m 21s

✅ Boot Verification

✅ Kernel Selftests

Architecture Passed Failed Compared Against Status
x86_64 190 27 ciqlts9_4 ✅ No regressions
aarch64 145 30 ciqlts9_4 ✅ No regressions

✅ LTP Results

Architecture Passed Failed Compared Against Status
x86_64 1447 81 ciqlts9_4 ✅ No regressions
aarch64 1418 82 ciqlts9_4 ✅ No regressions

🤖 This PR was automatically generated by GitHub Actions
Run ID: 27262632612

@ciq-kernel-automation ciq-kernel-automation Bot added the created-by-kernelci Tag PRs that were automatically created when a user branch was pushed to the repo (kernelCI) label Jun 11, 2026
CIQ Kernel Automation added 6 commits June 11, 2026 16:17
jira VULN-171987
cve CVE-2025-68724
commit-author Thorsten Blum <thorsten.blum@linux.dev>
commit df0845c

Use check_add_overflow() to guard against potential integer overflows
when adding the binary blob lengths and the size of an asymmetric_key_id
structure and return ERR_PTR(-EOVERFLOW) accordingly. This prevents a
possible buffer overflow when copying data from potentially malicious
X.509 certificate fields that can be arbitrarily large, such as ASN.1
INTEGER serial numbers, issuer names, etc.

Fixes: 7901c1a ("KEYS: Implement binary asymmetric key ID handling")
	Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
	Reviewed-by: Lukas Wunner <lukas@wunner.de>
	Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
(cherry picked from commit df0845c)
	Signed-off-by: CIQ Kernel Automation <ciq_kernel_automation@ciq.com>
jira VULN-176437
cve CVE-2026-23216
commit-author Maurizio Lombardi <mlombard@redhat.com>
commit 9411a89

In iscsit_dec_conn_usage_count(), the function calls complete() while
holding the conn->conn_usage_lock. As soon as complete() is invoked, the
waiter (such as iscsit_close_connection()) may wake up and proceed to free
the iscsit_conn structure.

If the waiter frees the memory before the current thread reaches
spin_unlock_bh(), it results in a KASAN slab-use-after-free as the function
attempts to release a lock within the already-freed connection structure.

Fix this by releasing the spinlock before calling complete().

	Signed-off-by: Maurizio Lombardi <mlombard@redhat.com>
	Reported-by: Zhaojuan Guo <zguo@redhat.com>
	Reviewed-by: Mike Christie <michael.christie@oracle.com>
Link: https://patch.msgid.link/20260112165352.138606-2-mlombard@redhat.com
	Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
(cherry picked from commit 9411a89)
	Signed-off-by: CIQ Kernel Automation <ciq_kernel_automation@ciq.com>
jira VULN-183738
cve CVE-2026-43038
commit-author Eric Dumazet <edumazet@google.com>
commit 86ab3e5

Sashiko AI-review observed:

  In ip6_err_gen_icmpv6_unreach(), the skb is an outer IPv4 ICMP error packet
  where its cb contains an IPv4 inet_skb_parm. When skb is cloned into skb2
  and passed to icmp6_send(), it uses IP6CB(skb2).

  IP6CB interprets the IPv4 inet_skb_parm as an inet6_skb_parm. The cipso
  offset in inet_skb_parm.opt directly overlaps with dsthao in inet6_skb_parm
  at offset 18.

  If an attacker sends a forged ICMPv4 error with a CIPSO IP option, dsthao
  would be a non-zero offset. Inside icmp6_send(), mip6_addr_swap() is called
  and uses ipv6_find_tlv(skb, opt->dsthao, IPV6_TLV_HAO).

  This would scan the inner, attacker-controlled IPv6 packet starting at that
  offset, potentially returning a fake TLV without checking if the remaining
  packet length can hold the full 18-byte struct ipv6_destopt_hao.

  Could mip6_addr_swap() then perform a 16-byte swap that extends past the end
  of the packet data into skb_shared_info?

  Should the cb array also be cleared in ip6_err_gen_icmpv6_unreach() and
  ip6ip6_err() to prevent this?

This patch implements the first suggestion.

I am not sure if ip6ip6_err() needs to be changed.
A separate patch would be better anyway.

Fixes: ca15a07 ("sit: generate icmpv6 error when receiving icmpv4 error")
	Reported-by: Ido Schimmel <idosch@nvidia.com>
Closes: https://sashiko.dev/#/patchset/20260326155138.2429480-1-edumazet%40google.com
	Signed-off-by: Eric Dumazet <edumazet@google.com>
	Cc: Oskar Kjos <oskar.kjos@hotmail.com>
	Reviewed-by: Ido Schimmel <idosch@nvidia.com>
Link: https://patch.msgid.link/20260326202608.2976021-1-edumazet@google.com
	Signed-off-by: Jakub Kicinski <kuba@kernel.org>
(cherry picked from commit 86ab3e5)
	Signed-off-by: CIQ Kernel Automation <ciq_kernel_automation@ciq.com>
jira VULN-183732
cve CVE-2026-43037
commit-author Eric Dumazet <edumazet@google.com>
commit 2edfa31

Oskar Kjos reported the following problem.

ip4ip6_err() calls icmp_send() on a cloned skb whose cb[] was written
by the IPv6 receive path as struct inet6_skb_parm. icmp_send() passes
IPCB(skb2) to __ip_options_echo(), which interprets that cb[] region
as struct inet_skb_parm (IPv4). The layouts differ: inet6_skb_parm.nhoff
at offset 14 overlaps inet_skb_parm.opt.rr, producing a non-zero rr
value. __ip_options_echo() then reads optlen from attacker-controlled
packet data at sptr[rr+1] and copies that many bytes into dopt->__data,
a fixed 40-byte stack buffer (IP_OPTIONS_DATA_FIXED_SIZE).

To fix this we clear skb2->cb[], as suggested by Oskar Kjos.

Also add minimal IPv4 header validation (version == 4, ihl >= 5).

Fixes: c4d3efa ("[IPV6] IP6TUNNEL: Add support to IPv4 over IPv6 tunnel.")
	Reported-by: Oskar Kjos <oskar.kjos@hotmail.com>
	Signed-off-by: Eric Dumazet <edumazet@google.com>
	Reviewed-by: Ido Schimmel <idosch@nvidia.com>
Link: https://patch.msgid.link/20260326155138.2429480-1-edumazet@google.com
	Signed-off-by: Jakub Kicinski <kuba@kernel.org>
(cherry picked from commit 2edfa31)
	Signed-off-by: CIQ Kernel Automation <ciq_kernel_automation@ciq.com>
jira VULN-185621
cve CVE-2026-43110
commit-author Pengpeng Hou <pengpeng@iscas.ac.cn>
commit 304950a

brcmf_fweh_handle_if_event() validates the firmware-provided interface
index before it touches drvr->iflist[], but it still uses the raw
bsscfgidx field as an array index without a matching range check.

Reject IF events whose bsscfg index does not fit in drvr->iflist[]
before indexing the interface array.

	Signed-off-by: Pengpeng Hou <pengpeng@iscas.ac.cn>
	Acked-by: Arend van Spriel <arend.vanspriel@broadcom.com>
Link: https://patch.msgid.link/20260323074551.93530-1-pengpeng@iscas.ac.cn
[add missing wifi prefix]
	Signed-off-by: Johannes Berg <johannes.berg@intel.com>
(cherry picked from commit 304950a)
	Signed-off-by: CIQ Kernel Automation <ciq_kernel_automation@ciq.com>
jira VULN-183037
cve CVE-2026-31685
commit-author Zhengchuan Liang <zcliangcn@gmail.com>
commit fdce0b3

`eui64_mt6()` derives a modified EUI-64 from the Ethernet source address
and compares it with the low 64 bits of the IPv6 source address.

The existing guard only rejects an invalid MAC header when
`par->fragoff != 0`. For packets with `par->fragoff == 0`, `eui64_mt6()`
can still reach `eth_hdr(skb)` even when the MAC header is not valid.

Fix this by removing the `par->fragoff != 0` condition so that packets
with an invalid MAC header are rejected before accessing `eth_hdr(skb)`.

Fixes: 1da177e ("Linux-2.6.12-rc2")
	Reported-by: Yifan Wu <yifanwucs@gmail.com>
	Reported-by: Juefei Pu <tomapufckgml@gmail.com>
Co-developed-by: Yuan Tan <yuantan098@gmail.com>
	Signed-off-by: Yuan Tan <yuantan098@gmail.com>
	Suggested-by: Xin Liu <bird@lzu.edu.cn>
	Tested-by: Ren Wei <enjou1224z@gmail.com>
	Signed-off-by: Zhengchuan Liang <zcliangcn@gmail.com>
	Signed-off-by: Ren Wei <n05ec@lzu.edu.cn>
	Signed-off-by: Florian Westphal <fw@strlen.de>
(cherry picked from commit fdce0b3)
	Signed-off-by: CIQ Kernel Automation <ciq_kernel_automation@ciq.com>
@roxanan1996 roxanan1996 force-pushed the {ciq_kernel_automation}_ciqlts9_4 branch from 756b8f2 to 67c2d0a Compare June 11, 2026 14:18

@PlaidCat PlaidCat left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:shipit:

@roxanan1996 roxanan1996 merged commit 0da6577 into ciqlts9_4 Jun 11, 2026
6 of 8 checks passed
@github-actions

Copy link
Copy Markdown

🤖 Validation Checks In Progress Workflow run: https://github.com/ctrliq/kernel-src-tree/actions/runs/27354009790

@github-actions

Copy link
Copy Markdown

JIRA PR Check Results

86 commit(s) with issues found:

Commit 2da2fd0ea301

Summary: arm64: errata: Mitigate TLBI errata on Microsoft Azure Cobalt 100 CPU

❌ Errors:

  • VULN-187522: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-187522: No time logged - please log time manually

Commit 9351271cee75

Summary: arm64: errata: Mitigate TLBI errata on NVIDIA Olympus CPU

❌ Errors:

  • VULN-187522: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-187522: No time logged - please log time manually

Commit e7b219e319f0

Summary: arm64: errata: Mitigate TLBI errata on various Arm CPUs

❌ Errors:

  • VULN-187522: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-187522: No time logged - please log time manually

Commit 3f109c01e5ff

Summary: arm64: cputype: Add C1-Premium definitions

❌ Errors:

  • VULN-187522: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-187522: No time logged - please log time manually

Commit 469c85b8dce8

Summary: arm64: cputype: Add C1-Ultra definitions

❌ Errors:

  • VULN-187522: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-187522: No time logged - please log time manually

Commit 44514fd53cee

Summary: arm64: cputype: Add NVIDIA Olympus definitions

❌ Errors:

  • VULN-187522: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-187522: No time logged - please log time manually

Commit 588ccf84300c

Summary: arm64: cputype: Add C1-Pro definitions

❌ Errors:

  • VULN-187522: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-187522: No time logged - please log time manually

Commit 9f70a7c4c713

Summary: arm64: cputype: Add Neoverse-V3AE definitions

❌ Errors:

  • VULN-187522: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-187522: No time logged - please log time manually

Commit 7868fb85b14b

Summary: arm64: cputype: Add Neoverse-N3 definitions

❌ Errors:

  • VULN-187522: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-187522: No time logged - please log time manually

Commit 92c1e8a4b9b3

Summary: arm64: cputype: Add Cortex-A720AE definitions

❌ Errors:

  • VULN-187522: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-187522: No time logged - please log time manually

Commit 6efa43e44d90

Summary: arm64: cputype: Add Cortex-A725 definitions

❌ Errors:

  • VULN-187522: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-187522: No time logged - please log time manually

Commit 98d081ac9fd1

Summary: arm64: Subscribe Microsoft Azure Cobalt 100 to ARM Neoverse N2 errata

❌ Errors:

  • VULN-187522: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-187522: No time logged - please log time manually

Commit 0119ab79547b

Summary: arm64: cputype: Add Cortex-X925 definitions

❌ Errors:

  • VULN-187522: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-187522: No time logged - please log time manually

Commit fb99606343d3

Summary: arm64: cputype: Add Neoverse-V3 definitions

❌ Errors:

  • VULN-187522: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-187522: No time logged - please log time manually

Commit 8d03047a0cf8

Summary: arm64: cputype: Add Cortex-X4 definitions

❌ Errors:

  • VULN-187522: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-187522: No time logged - please log time manually

Commit cc107c11e5a1

Summary: arm64: cputype: Add Cortex-A720 definitions

❌ Errors:

  • VULN-187522: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-187522: No time logged - please log time manually

Commit 0b0550c95944

Summary: arm64: Add Neoverse-V2 part

❌ Errors:

  • VULN-187522: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-187522: No time logged - please log time manually

Commit 66cd51efdbc8

Summary: arm64: cputype: Add Cortex-X3 definitions

❌ Errors:

  • VULN-187522: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-187522: No time logged - please log time manually

Commit f8197180f673

Summary: arm64: cputype: Add Cortex-X1C definitions

❌ Errors:

  • VULN-187522: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-187522: No time logged - please log time manually

Commit de3411153629

Summary: arm64: cputype: Add MIDR_CORTEX_A76AE

❌ Errors:

  • VULN-187522: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-187522: No time logged - please log time manually

Commit 7eb2893e3373

Summary: VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()

❌ Errors:

  • VULN-37990: Status is 'Publish CSAF', expected 'In Progress'

Commit 846eb7c7be71

Summary: nvme-fc: do not wait in vain when unloading module

❌ Errors:

  • VULN-37041: Status is 'Publish CSAF', expected 'In Progress'

Commit 089c55a5963f

Summary: RDMA/mlx5: Fix fortify source warning while accessing Eth segment

❌ Errors:

  • VULN-37265: Status is 'Publish CSAF', expected 'In Progress'

Commit f27f8816e159

Summary: drm/vmwgfx: Fix the lifetime of the bo cursor memory

❌ Errors:

  • VULN-47230: Status is 'Publish CSAF', expected 'In Progress'

Commit da2cee981327

Summary: x86/fpu: Stop relying on userspace for info to fault in xsave buffer

❌ Errors:

  • VULN-42554: Status is 'Publish CSAF', expected 'In Progress'

Commit 992a4e5b415e

Summary: xhci: handle isoc Babble and Buffer Overrun events properly

❌ Errors:

  • VULN-42729: Status is 'Publish CSAF', expected 'In Progress'

Commit 19b06b1b8233

Summary: xhci: process isoc TD properly when there was a transaction error mid TD.

❌ Errors:

  • VULN-42729: Status is 'Publish CSAF', expected 'In Progress'

Commit 06fc4e4d4c60

Summary: HID: i2c-hid-of: fix NULL-deref on failed power up

❌ Errors:

  • VULN-36624: Status is 'Publish CSAF', expected 'In Progress'

Commit b8f5f617d033

Summary: net/mlx5e: fix a double-free in arfs_create_groups

❌ Errors:

  • VULN-42962: Status is 'Publish CSAF', expected 'In Progress'

Commit 963bcd0c6a73

Summary: NFS: Fix a race when updating an existing write

❌ Errors:

  • VULN-136536: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-136536: No time logged - please log time manually

Commit 67a95ae29ee9

Summary: nfs: fold nfs_page_group_lock_subrequests into nfs_lock_and_join_requests

❌ Errors:

  • VULN-136536: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-136536: No time logged - please log time manually

Commit e5e6e6bae8d3

Summary: NFS: Use the correct commit info in nfs_join_page_group()

❌ Errors:

  • VULN-136536: Status is 'Publish CSAF', expected 'In Progress'

⚠️ Warnings:

  • VULN-136536: No time logged - please log time manually

Commit 4577b0b6b1f9

Summary: bridge: mcast: Fix use-after-free during router port configuration

❌ Errors:

  • VULN-72330: Status is 'Publish CSAF', expected 'In Progress'

Commit 238031c794a4

Summary: net: bridge: mcast: update multicast contex when vlan state is changed

❌ Errors:

  • VULN-72330: Status is 'Publish CSAF', expected 'In Progress'

Commit f9843e7fcc59

Summary: net: bridge: mcast: re-implement br_multicast_{enable, disable}_port functions

❌ Errors:

  • VULN-72330: Status is 'Publish CSAF', expected 'In Progress'

Commit 24a8639a1c8c

Summary: net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks

❌ Errors:

  • VULN-178617: Status is 'Publish CSAF', expected 'In Progress'

Commit 447d824653ad

Summary: scsi: qla2xxx: Fix improper freeing of purex item

❌ Errors:

  • VULN-171236: Status is 'Publish CSAF', expected 'In Progress'

Commit adec5390b70a

Summary: nbd: defer config unlock in nbd_genl_connect

❌ Errors:

  • VULN-171935: Status is 'Publish CSAF', expected 'In Progress'

Commit db06c2970147

Summary: net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop

❌ Errors:

  • VULN-186699: Status is 'Publish CSAF', expected 'In Progress'

Commit 7efae41b1d10

Summary: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit

❌ Errors:

  • VULN-152971: Status is 'Publish CSAF', expected 'In Progress'

Commit 5e94638cb120

Summary: usb: config: fix iteration issue in 'usb_get_bos_descriptor()'

❌ Errors:

  • VULN-35775: Status is 'Done', expected 'In Progress'

Commit 67570ebb046e

Summary: bonding: stop the device in bond_setup_by_slave()

❌ Errors:

  • VULN-35786: Status is 'Done', expected 'In Progress'

Commit eaae034eb70f

Summary: pwm: Fix double shift bug

❌ Errors:

  • VULN-35725: Status is 'Done', expected 'In Progress'

Commit c3b8b24dfde2

Summary: wifi: rt2x00: restart beacon queue when hardware reset

❌ Errors:

  • VULN-35143: Status is 'Done', expected 'In Progress'

Commit 531bdd52602e

Summary: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries

❌ Errors:

  • VULN-35879: Status is 'Done', expected 'In Progress'

Commit 06d29a29aebd

Summary: virtio-blk: fix implicit overflow on virtio_max_dma_size

❌ Errors:

  • VULN-35743: Status is 'Done', expected 'In Progress'

Commit c8dc24d212c1

Summary: Input: synaptics-rmi4 - fix use after free in rmi_unregister_function()

❌ Errors:

  • VULN-36025: Status is 'Done', expected 'In Progress'

Commit e17887811655

Summary: usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm()

❌ Errors:

  • VULN-36120: Status is 'Done', expected 'In Progress'

Commit dd4468f8b1ad

Summary: ptrace: slightly saner 'get_dumpable()' logic

❌ Errors:

  • VULN-185425: Status is 'Done', expected 'In Progress'

Commit 42f6438bdaf4

Summary: can: raw: fix ro->uniq use-after-free in raw_rcv()

❌ Errors:

  • VULN-182365: Status is 'Done', expected 'In Progress'

Commit c877d021aa64

Summary: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE

❌ Errors:

  • VULN-180396: Status is 'Done', expected 'In Progress'

Commit 71aef04a9da0

Summary: net: skbuff: propagate shared-frag marker through frag-transfer helpers

❌ Errors:

  • VULN-185347: Status is 'Done', expected 'In Progress'

Commit 017840d833e0

Summary: xfrm: esp: avoid in-place decrypt on shared skb frags

❌ Errors:

  • VULN-184825: Status is 'Done', expected 'In Progress'

Commit e554d776dbca

Summary: atl1c: Work around the DMA RX overflow issue

❌ Errors:

  • VULN-36010: Status is 'Done', expected 'In Progress'

Commit 06c3d3539515

Summary: perf/core: Bail out early if the request AUX area is out of bound

❌ Errors:

  • VULN-35978: Status is 'Done', expected 'In Progress'

Commit fb78beddd421

Summary: RDMA/siw: Fix connection failure handling

❌ Errors:

  • VULN-35016: Status is 'Done', expected 'In Progress'

Commit 2e22162e7b8f

Summary: i2c: core: Fix atomic xfer check for non-preempt config

❌ Errors:

  • VULN-35813: Status is 'Done', expected 'In Progress'

Commit 42bf712b70f9

Summary: i2c: core: Run atomic i2c xfer when !preemptible

❌ Errors:

  • VULN-35813: Status is 'Done', expected 'In Progress'

Commit 36477afd486a

Summary: net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()

❌ Errors:

  • VULN-170949: Status is 'Done', expected 'In Progress'

Commit 2d8dcb1e515f

Summary: ext4: remove unused return value of __mb_check_buddy

❌ Errors:

  • VULN-157086: Status is 'Done', expected 'In Progress'

Commit 1201d340fd57

Summary: ext4: drop the call to ext4_error() from ext4_get_group_info()

❌ Errors:

  • VULN-157086: Status is 'Done', expected 'In Progress'

Commit 7ca24126fe6d

Summary: ext4: correct grp validation in ext4_mb_good_group

❌ Errors:

  • VULN-169012: Status is 'Done', expected 'In Progress'

Commit bc337405e33b

Summary: ext4: allow ext4_get_group_info() to fail

❌ Errors:

  • VULN-157086: Status is 'Done', expected 'In Progress'

Commit ee078ce2c841

Summary: rcu-tasks: Avoid pr_info() with spin lock in cblist_init_generic()

❌ Errors:

  • VULN-157616: Status is 'Done', expected 'In Progress'

Commit c0e74391a5f2

Summary: mmc: sdio: fix possible resource leaks in some error paths

❌ Errors:

  • VULN-35546: Status is 'Done', expected 'In Progress'

Commit a6f06526b4e1

Summary: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate()

❌ Errors:

  • VULN-176073: Status is 'Done', expected 'In Progress'

Commit 3981cce0d0ac

Summary: net/sched: cls_u32: use skb_header_pointer_careful()

❌ Errors:

  • VULN-176130: Status is 'Done', expected 'In Progress'

Commit f343c9526ef6

Summary: net: add skb_header_pointer_careful() helper

❌ Errors:

  • VULN-176130: Status is 'Done', expected 'In Progress'

Commit accc5b9658ac

Summary: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count()

❌ Errors:

  • VULN-176314: Status is 'Done', expected 'In Progress'

Commit e161b5b2ec61

Summary: mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure

❌ Errors:

  • VULN-176247: Status is 'Done', expected 'In Progress'

Commit 6cd484a39ac9

Summary: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats

❌ Errors:

  • VULN-173889: Status is 'Done', expected 'In Progress'

Commit 801db908ce6e

Summary: page_pool: Fix use-after-free in page_pool_recycle_in_ring

❌ Errors:

  • VULN-71839: Status is 'Done', expected 'In Progress'

Commit 054002c49d8c

Summary: x86/tdx: Fix "in-kernel MMIO" check

❌ Errors:

  • VULN-8574: Status is 'Done', expected 'In Progress'

Commit af68bee72ccb

Summary: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache

❌ Errors:

  • VULN-180164: Status is 'Done', expected 'In Progress'

Commit 41da0222615d

Summary: crypto: algif_aead - snapshot IV for async AEAD requests

❌ Errors:

  • VULN-181880: Status is 'Done', expected 'In Progress'

Commit 99b3a9a9b0a1

Summary: crypto: algif_aead - Fix minimum RX size check for decryption

❌ Errors:

  • VULN-181880: Status is 'Done', expected 'In Progress'

Commit b8eb517124da

Summary: crypto: authencesn - reject short ahash digests during instance creation

❌ Errors:

  • VULN-181880: Status is 'Done', expected 'In Progress'

Commit ec0e219a192b

Summary: crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption

❌ Errors:

  • VULN-181880: Status is 'Done', expected 'In Progress'

Commit 1ab3f51dcc7a

Summary: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec

❌ Errors:

  • VULN-175568: Status is 'Done', expected 'In Progress'

Commit 776af8ddad06

Summary: crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl

❌ Errors:

  • VULN-182990: Status is 'Done', expected 'In Progress'

Commit ea68d19a5cb0

Summary: crypto: af_alg - limit RX SG extraction by receive buffer budget

❌ Errors:

  • VULN-182990: Status is 'Done', expected 'In Progress'

Commit 4a065094779f

Summary: crypto: algif_aead - Revert to operating out-of-place

❌ Errors:

  • VULN-181880: Status is 'Done', expected 'In Progress'

Commit 5ffa1d8727d6

Summary: crypto: af-alg - fix NULL pointer dereference in scatterwalk

❌ Errors:

  • VULN-181880: Status is 'Done', expected 'In Progress'

Commit 5dbc71aecaa2

Summary: net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path

❌ Errors:

  • VULN-35526: Status is 'Done', expected 'In Progress'

Commit 5fb6935c5624

Summary: um: Fix out-of-bounds read in LDT setup

❌ Errors:

  • VULN-51244: Status is 'Done', expected 'In Progress'

Commit 0f04622186e6

Summary: asix: fix uninit-value in asix_mdio_read()

❌ Errors:

  • VULN-64167: Status is 'Done', expected 'In Progress'

Summary: Checked 100 commit(s) total.

@github-actions

Copy link
Copy Markdown

Validation checks completed with issues View full results: https://github.com/ctrliq/kernel-src-tree/actions/runs/27354009790

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

created-by-kernelci Tag PRs that were automatically created when a user branch was pushed to the repo (kernelCI)

Development

Successfully merging this pull request may close these issues.

2 participants