[2026-07-03T10:00:27+00:00] Reusing cached populate_hlen6.ko [2026-07-03T10:00:27+00:00] Compiling bond_variant_init (static) [2026-07-03T10:00:27+00:00] Building vuln rootfs image copying from directory /data/pruva/project-cache/6cba72b6-b104-4ebf-be7b-01f748e87ccf/bond-var-rootfs-vuln [2026-07-03T10:00:28+00:00] Building fixed rootfs image copying from directory /data/pruva/project-cache/6cba72b6-b104-4ebf-be7b-01f748e87ccf/bond-var-rootfs-fixed [2026-07-03T10:00:30+00:00] Booting vuln kernel (7.0.0-rc2) in QEMU [2026-07-03T10:00:47+00:00] Booting fixed kernel (7.0.0-rc2) in QEMU [2026-07-03T10:01:04+00:00] VULN populate-hlen6 line: CVE-2026-43456 VAR(ip6gre): bond1 priv=ffff8881040fa9c0 ip6_tnl.hlen offset=264 old=0x00000000(0) new=0x961a63cc(-1776655412) [2026-07-03T10:01:04+00:00] VULN ip6gre_header (type confusion, dev=bond1): CVE-2026-43456 ip6gre_header: dev=bond1 hlen=-1776655412 needed=-1776655372 headroom=288 [2026-07-03T10:01:04+00:00] VULN crash/BUG markers: [ 13.733306] kernel BUG at net/core/skbuff.c:2306! [ 13.734667] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI [ 13.737519] RIP: 0010:pskb_expand_head+0x59c/0x6d0 [ 13.738545] ip6gre_header+0x14a/0x430 [ip6_gre] [ 13.741669] ? __pfx_ip6gre_header+0x10/0x10 [ip6_gre] [2026-07-03T10:01:04+00:00] VULN RESULT line (empty => crashed before reaching it): [2026-07-03T10:01:04+00:00] FIXED ip6gre_header (correct, dev=ip6gre1): CVE-2026-43456 ip6gre_header: dev=ip6gre1 hlen=4 needed=44 headroom=288 [2026-07-03T10:01:04+00:00] FIXED bond1 confusion line (should be empty): [2026-07-03T10:01:04+00:00] FIXED RESULT line: [init] RESULT: NOT VULNERABLE (no kernel crash; fixed bond_header_ops used the slave ip6gre1 device) [2026-07-03T10:01:04+00:00] FIXED crash markers (should be empty): [2026-07-03T10:01:04+00:00] VARIANT_ON_VULN=true VARIANT_ON_FIXED=false FIX_COVERS=true [2026-07-03T10:01:04+00:00] ALTERNATE TRIGGER CONFIRMED on vulnerable kernel; FIX COVERS IT on fixed kernel (no bypass). Exit 1. [2026-07-03T10:01:06+00:00] Reusing cached populate_hlen6.ko [2026-07-03T10:01:06+00:00] Reusing cached bond_variant_init [2026-07-03T10:01:06+00:00] Building vuln rootfs image copying from directory /data/pruva/project-cache/6cba72b6-b104-4ebf-be7b-01f748e87ccf/bond-var-rootfs-vuln [2026-07-03T10:01:08+00:00] Building fixed rootfs image copying from directory /data/pruva/project-cache/6cba72b6-b104-4ebf-be7b-01f748e87ccf/bond-var-rootfs-fixed [2026-07-03T10:01:09+00:00] Booting vuln kernel (7.0.0-rc2) in QEMU [2026-07-03T10:01:24+00:00] Booting fixed kernel (7.0.0-rc2) in QEMU [2026-07-03T10:01:41+00:00] VULN populate-hlen6 line: CVE-2026-43456 VAR(ip6gre): bond1 priv=ffff8881045b09c0 ip6_tnl.hlen offset=264 old=0x00000000(0) new=0x961a63cc(-1776655412) [2026-07-03T10:01:41+00:00] VULN ip6gre_header (type confusion, dev=bond1): CVE-2026-43456 ip6gre_header: dev=bond1 hlen=-1776655412 needed=-1776655372 headroom=288 [2026-07-03T10:01:41+00:00] VULN crash/BUG markers: [ 12.947904] kernel BUG at net/core/skbuff.c:2306! [ 12.948637] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI [ 12.950906] RIP: 0010:pskb_expand_head+0x59c/0x6d0 [ 12.955953] ip6gre_header+0x14a/0x430 [ip6_gre] [ 12.956537] ? __pfx_ip6gre_header+0x10/0x10 [ip6_gre] [2026-07-03T10:01:41+00:00] VULN RESULT line (empty => crashed before reaching it): [2026-07-03T10:01:41+00:00] FIXED ip6gre_header (correct, dev=ip6gre1): CVE-2026-43456 ip6gre_header: dev=ip6gre1 hlen=4 needed=44 headroom=288 [2026-07-03T10:01:41+00:00] FIXED bond1 confusion line (should be empty): [2026-07-03T10:01:41+00:00] FIXED RESULT line: [init] RESULT: NOT VULNERABLE (no kernel crash; fixed bond_header_ops used the slave ip6gre1 device) [2026-07-03T10:01:41+00:00] FIXED crash markers (should be empty): [2026-07-03T10:01:41+00:00] VARIANT_ON_VULN=true VARIANT_ON_FIXED=false FIX_COVERS=true [2026-07-03T10:01:41+00:00] ALTERNATE TRIGGER CONFIRMED on vulnerable kernel; FIX COVERS IT on fixed kernel (no bypass). Exit 1. [2026-07-03T10:01:45+00:00] Reusing cached populate_hlen6.ko [2026-07-03T10:01:45+00:00] Reusing cached bond_variant_init [2026-07-03T10:01:45+00:00] Building vuln rootfs image copying from directory /data/pruva/project-cache/6cba72b6-b104-4ebf-be7b-01f748e87ccf/bond-var-rootfs-vuln [2026-07-03T10:01:46+00:00] Building fixed rootfs image copying from directory /data/pruva/project-cache/6cba72b6-b104-4ebf-be7b-01f748e87ccf/bond-var-rootfs-fixed [2026-07-03T10:01:48+00:00] Booting vuln kernel (7.0.0-rc2) in QEMU [2026-07-03T10:02:04+00:00] Booting fixed kernel (7.0.0-rc2) in QEMU [2026-07-03T10:02:20+00:00] VULN populate-hlen6 line: CVE-2026-43456 VAR(ip6gre): bond1 priv=ffff888103afc9c0 ip6_tnl.hlen offset=264 old=0x00000000(0) new=0x961a63cc(-1776655412) [2026-07-03T10:02:20+00:00] VULN ip6gre_header (type confusion, dev=bond1): CVE-2026-43456 ip6gre_header: dev=bond1 hlen=-1776655412 needed=-1776655372 headroom=288 [2026-07-03T10:02:20+00:00] VULN crash/BUG markers: [ 13.233348] kernel BUG at net/core/skbuff.c:2306! [ 13.234254] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI [ 13.237118] RIP: 0010:pskb_expand_head+0x59c/0x6d0 [ 13.241539] ip6gre_header+0x14a/0x430 [ip6_gre] [ 13.241799] ? __pfx_ip6gre_header+0x10/0x10 [ip6_gre] [2026-07-03T10:02:20+00:00] VULN RESULT line (empty => crashed before reaching it): [2026-07-03T10:02:20+00:00] FIXED ip6gre_header (correct, dev=ip6gre1): CVE-2026-43456 ip6gre_header: dev=ip6gre1 hlen=4 needed=44 headroom=288 [2026-07-03T10:02:20+00:00] FIXED bond1 confusion line (should be empty): [2026-07-03T10:02:20+00:00] FIXED RESULT line: [init] RESULT: NOT VULNERABLE (no kernel crash; fixed bond_header_ops used the slave ip6gre1 device) [2026-07-03T10:02:20+00:00] FIXED crash markers (should be empty): [2026-07-03T10:02:20+00:00] VARIANT_ON_VULN=true VARIANT_ON_FIXED=false FIX_COVERS=true [2026-07-03T10:02:20+00:00] ALTERNATE TRIGGER CONFIRMED on vulnerable kernel; FIX COVERS IT on fixed kernel (no bypass). Exit 1. [2026-07-03T10:03:45+00:00] Reusing cached populate_hlen6.ko [2026-07-03T10:03:45+00:00] Reusing cached bond_variant_init [2026-07-03T10:03:45+00:00] Building vuln rootfs image copying from directory /data/pruva/project-cache/6cba72b6-b104-4ebf-be7b-01f748e87ccf/bond-var-rootfs-vuln [2026-07-03T10:03:47+00:00] Building fixed rootfs image copying from directory /data/pruva/project-cache/6cba72b6-b104-4ebf-be7b-01f748e87ccf/bond-var-rootfs-fixed [2026-07-03T10:03:49+00:00] Booting vuln kernel (7.0.0-rc2) in QEMU [2026-07-03T10:04:04+00:00] Booting fixed kernel (7.0.0-rc2) in QEMU [2026-07-03T10:04:20+00:00] VULN populate-hlen6 line: CVE-2026-43456 VAR(ip6gre): bond1 priv=ffff888103b4c9c0 ip6_tnl.hlen offset=264 old=0x00000000(0) new=0x961a63cc(-1776655412) [2026-07-03T10:04:20+00:00] VULN ip6gre_header (type confusion, dev=bond1): CVE-2026-43456 ip6gre_header: dev=bond1 hlen=-1776655412 needed=-1776655372 headroom=288 [2026-07-03T10:04:20+00:00] VULN crash/BUG markers: [ 13.240854] kernel BUG at net/core/skbuff.c:2306! [ 13.241626] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI [ 13.244640] RIP: 0010:pskb_expand_head+0x59c/0x6d0 [ 13.249474] ip6gre_header+0x14a/0x430 [ip6_gre] [ 13.249743] ? __pfx_ip6gre_header+0x10/0x10 [ip6_gre] [2026-07-03T10:04:20+00:00] VULN RESULT line (empty => crashed before reaching it): [2026-07-03T10:04:20+00:00] FIXED ip6gre_header (correct, dev=ip6gre1): CVE-2026-43456 ip6gre_header: dev=ip6gre1 hlen=4 needed=44 headroom=288 [2026-07-03T10:04:20+00:00] FIXED bond1 confusion line (should be empty): [2026-07-03T10:04:20+00:00] FIXED RESULT line: [init] RESULT: NOT VULNERABLE (no kernel crash; fixed bond_header_ops used the slave ip6gre1 device) [2026-07-03T10:04:20+00:00] FIXED crash markers (should be empty): [2026-07-03T10:04:20+00:00] VARIANT_ON_VULN=true VARIANT_ON_FIXED=false FIX_COVERS=true [2026-07-03T10:04:20+00:00] ALTERNATE TRIGGER CONFIRMED on vulnerable kernel; FIX COVERS IT on fixed kernel (no bypass). Exit 1. [2026-07-03T10:05:00+00:00] Reusing cached populate_hlen6.ko [2026-07-03T10:05:00+00:00] Reusing cached bond_variant_init [2026-07-03T10:05:00+00:00] Building vuln rootfs image copying from directory /data/pruva/project-cache/6cba72b6-b104-4ebf-be7b-01f748e87ccf/bond-var-rootfs-vuln [2026-07-03T10:05:02+00:00] Building fixed rootfs image copying from directory /data/pruva/project-cache/6cba72b6-b104-4ebf-be7b-01f748e87ccf/bond-var-rootfs-fixed [2026-07-03T10:05:04+00:00] Booting vuln kernel (7.0.0-rc2) in QEMU [2026-07-03T10:05:19+00:00] Booting fixed kernel (7.0.0-rc2) in QEMU [2026-07-03T10:05:35+00:00] VULN populate-hlen6 line: CVE-2026-43456 VAR(ip6gre): bond1 priv=ffff8881044ea9c0 ip6_tnl.hlen offset=264 old=0x00000000(0) new=0x961a63cc(-1776655412) [2026-07-03T10:05:35+00:00] VULN ip6gre_header (type confusion, dev=bond1): CVE-2026-43456 ip6gre_header: dev=bond1 hlen=-1776655412 needed=-1776655372 headroom=288 [2026-07-03T10:05:35+00:00] VULN crash/BUG markers: [ 13.021875] kernel BUG at net/core/skbuff.c:2306! [ 13.022704] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI [ 13.025214] RIP: 0010:pskb_expand_head+0x59c/0x6d0 [ 13.028524] ip6gre_header+0x14a/0x430 [ip6_gre] [ 13.029388] ? __pfx_ip6gre_header+0x10/0x10 [ip6_gre] [2026-07-03T10:05:35+00:00] VULN RESULT line (empty => crashed before reaching it): [2026-07-03T10:05:35+00:00] FIXED ip6gre_header (correct, dev=ip6gre1): CVE-2026-43456 ip6gre_header: dev=ip6gre1 hlen=4 needed=44 headroom=288 [2026-07-03T10:05:35+00:00] FIXED bond1 confusion line (should be empty): [2026-07-03T10:05:35+00:00] FIXED RESULT line: [init] RESULT: NOT VULNERABLE (no kernel crash; fixed bond_header_ops used the slave ip6gre1 device) [2026-07-03T10:05:35+00:00] FIXED crash markers (should be empty): [2026-07-03T10:05:35+00:00] VARIANT_ON_VULN=true VARIANT_ON_FIXED=false FIX_COVERS=true [2026-07-03T10:05:35+00:00] ALTERNATE TRIGGER CONFIRMED on vulnerable kernel; FIX COVERS IT on fixed kernel (no bypass). Exit 1.