forked from torvalds/linux
-
Notifications
You must be signed in to change notification settings - Fork 5
Issues: KSPP/linux
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
KCFI: Allow distinguishing indirect functions with otherwise identical signature
[Compiler] Clang
An issue in Clang itself needs to be addressed
enhancement
New feature or request
[Feature] CFI
Involves Control Flow Integrity
#365
opened Sep 22, 2024 by
kees
updated Feb 11, 2025
randstruct: Causes Internal Compiler Error when building kernel with GCC 15
#367
opened Dec 13, 2024 by
bauermann
updated Dec 13, 2024
Use a per-task stack canary for stack protector
[ARCH] arm32
Needed on the 32-bit ARM architecture (ARCH=arm)
[ARCH] mips
Needed on the MIPS architecture (ARCH=mips)
[ARCH] s390
Needed on the s390 architecture (ARCH=s390)
[ARCH-done] arm64
Finished on the 64-bit ARM architecture (ARCH=arm64)
[ARCH-done] powerpc32
Finished on the 32-bit POWER architecture
[ARCH-done] powerpc64
Finished on the 64-bit POWER architecture
[ARCH-done] riscv
Finished on the RISC-V architecture (ARCH=riscv)
[ARCH-done] x86_32
Finished on the 32-bit x86 architecture (ARCH=i386)
[ARCH-done] x86_64
Finished on the 64-bit x86 architecture (ARCH=x86)
compiler
Needs compiler support
#29
opened Dec 5, 2019 by
kees
updated Nov 24, 2024
18 of 33 tasks
Replace uses of snprintf() and vsnprintf()
good first issue
Good for newcomers
[Refactor] sprintf
Refactor sprintf uses
#105
opened Aug 24, 2020 by
alexdewar
updated Oct 18, 2024
Detect and avoid ToCToU double-fetch / double-read from userspace
#95
opened Aug 12, 2020 by
kees
updated Oct 16, 2024
Set BPF region read-only before starting verification
[subsystem] BPF
Related to the BPF subsystem
#154
opened Sep 19, 2021 by
kees
updated Sep 24, 2024
Improve FORTIFY_SOURCE to detect intra-object overflows
[Feature] FORTIFY_SOURCE
Involves buffer overflow detection
[Linux] v5.11
Released in Linux kernel v5.11
[Linux] v5.18
Released in Linux kernel v5.18
[PATCH] Exists
A patch exists to address the issue
#6
opened Sep 26, 2019 by
kees
updated Sep 22, 2024
5 of 6 tasks
KCFI: Support -fpatchable-function-entry=N,M where M > 0
[Compiler] Clang
An issue in Clang itself needs to be addressed
enhancement
New feature or request
[Feature] CFI
Involves Control Flow Integrity
#366
opened Sep 22, 2024 by
kees
updated Sep 22, 2024
GCC (and maybe Clang) lose local initializer state before BUILD_BUG_ON() if a function call is made between
#364
opened Sep 16, 2024 by
kees
updated Sep 16, 2024
Replace fake-flex array with flex-array member in drivers/hid/intel-ish-hid/ishtp-hid.h
[Idiom] fake flexible array
[Refactor] 1-element array
Conversion away from one-element array
#333
opened Aug 1, 2023 by
GustavoARSilva
updated Aug 23, 2024
Separate slab allocations by type
[Defense] type confusion
#189
opened May 5, 2022 by
kees
updated Aug 23, 2024
Add brute forcing/rapid crash detection and mitigation
[Feature] ASLR
involves address space layout randomization
[PATCH] Exists
A patch exists to address the issue
[PATCH] Submitted
A patch has been submitted upstream
userspace defense
This defense is intended to improve the resilience of userspace programs
#39
opened Mar 11, 2020 by
kees
updated Jul 23, 2024
Remove all strncpy() uses
good first issue
Good for newcomers
[Refactor] strcpy
Replace uses of unsafe strcpy-family functions
#90
opened Aug 11, 2020 by
kees
updated Jul 14, 2024
Kernel base address offset randomization (KASLR)
[ARCH] arm32
Needed on the 32-bit ARM architecture (ARCH=arm)
[ARCH] powerpc64
Needed on the 64-bit POWER architecture
[ARCH] riscv
Needed on the RISC-V architecture (ARCH=riscv)
[ARCH-done] arm64
Finished on the 64-bit ARM architecture (ARCH=arm64)
[ARCH-done] mips
Finished on the MIPS architecture (ARCH=mips)
[ARCH-done] powerpc32
Finished on the 32-bit POWER architecture
[ARCH-done] s390
Finished on the s390 architecture (ARCH=s390)
[ARCH-done] x86_32
Finished on the 32-bit x86 architecture (ARCH=i386)
[ARCH-done] x86_64
Finished on the 64-bit x86 architecture (ARCH=x86)
[Feature] ASLR
involves address space layout randomization
[PATCH] Exists
A patch exists to address the issue
#3
opened Sep 25, 2019 by
kees
updated May 22, 2024
x86 KASLR base exposed due to lack of entry trampoline (EntryBleed, CVE-2022-4543)
[ARCH] x86_64
Needed on the 64-bit x86 architecture (ARCH=x86)
[Defense] information exposure
Provide a defense for an information exposure
#361
opened May 16, 2024 by
kees
updated May 16, 2024
Enable -Wstringop-truncation
[Build] Global flag
[PATCH] Exists
A patch exists to address the issue
#144
opened Sep 6, 2021 by
kees
updated Apr 16, 2024
Audit overlapping composite structs that contain flex-arrays
-Wflex-array-member-not-at-end
coming in GCC-14
#202
opened Sep 20, 2022 by
GustavoARSilva
updated Apr 9, 2024
refactor all tasklet users into other APIs
[Refactor] tasklet removal
Replace tasklet users with threaded IRQs
robustness
Improve kernel code robustness
#94
opened Aug 11, 2020 by
kees
updated Mar 11, 2024
Finish converting greybus 0-sized arrays
[Refactor] 0-element array
Conversion away from zero-length array
#349
opened Mar 4, 2024 by
kees
updated Mar 4, 2024
Detect signed integer wrap-around (overflow and underflow)
compiler
Needs compiler support
#26
opened Dec 5, 2019 by
kees
updated Feb 27, 2024
3 of 6 tasks
set_memory_*() needs __must_check and atomicity
[ARCH] arm32
Needed on the 32-bit ARM architecture (ARCH=arm)
[ARCH] arm64
Needed on the 64-bit ARM architecture (ARCH=arm64)
[ARCH] powerpc64
Needed on the 64-bit POWER architecture
[ARCH] x86_32
Needed on the 32-bit x86 architecture (ARCH=i386)
[ARCH] x86_64
Needed on the 64-bit x86 architecture (ARCH=x86)
#7
opened Sep 26, 2019 by
kees
updated Feb 20, 2024
x86_64: move vdso to mmap region from stack region
[ARCH] x86_64
Needed on the 64-bit x86 architecture (ARCH=x86)
[Feature] ASLR
involves address space layout randomization
[PATCH] Submitted
A patch has been submitted upstream
#280
opened Apr 22, 2023 by
thestinger
updated Feb 10, 2024
Address -Warray-bounds warnings in fs/btrfs/sysfs.c
-Warray-bounds
#313
opened Jun 13, 2023 by
GustavoARSilva
updated Feb 7, 2024
Address -Warray-bounds warnings in net/socket.c
-Warray-bounds
#314
opened Jun 13, 2023 by
GustavoARSilva
updated Feb 7, 2024
Previous Next
ProTip!
Exclude everything labeled
bug
with -label:bug.