mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-28 13:22:57 +00:00
Code Issues Releases Wiki Activity
linux-stable/net
History
Pablo Neira Ayuso d326df9428 netfilter: nf_tables: disallow element updates of bound anonymous sets 
[ Upstream commit c88c535b59 ]

Anonymous sets come with NFT_SET_CONSTANT from userspace. Although API
allows to create anonymous sets without NFT_SET_CONSTANT, it makes no
sense to allow to add and to delete elements for bound anonymous sets.

Fixes: 96518518cc ("netfilter: add nftables")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-06-28 10:14:20 +02:00
..
6lowpan
9p 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition 2023-04-20 12:02:11 +02:00
802 mrp: introduce active flags to prevent UAF when applicant uninit 2023-01-18 09:26:32 +01:00
8021q vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit() 2023-05-30 12:38:36 +01:00
appletalk
atm atm: hide unused procfs functions 2023-06-09 10:22:52 +02:00
ax25 ax25: Fix UAF bugs in ax25 timers 2022-04-27 13:15:32 +02:00
batman-adv batman-adv: Broken sync while rescheduling delayed work 2023-06-14 10:35:25 +02:00
bluetooth Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk 2023-06-14 10:35:26 +02:00
bpf bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb() 2022-11-25 17:36:54 +01:00
bridge netfilter: nftables: add nft_parse_register_store() and use it 2023-05-30 12:38:37 +01:00
caif net: caif: Fix use-after-free in cfusbl_device_notify() 2023-03-17 08:30:37 +01:00
can can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write 2023-04-05 11:14:20 +02:00
ceph
core neighbour: delete neigh_lookup_nodev as not used 2023-06-21 15:38:59 +02:00
dcb net: dcb: disable softirqs in dcbnl_flush_dev() 2022-03-08 19:01:58 +01:00
dccp dccp: Call inet6_destroy_sock() via sk->sk_destruct(). 2023-04-26 11:18:57 +02:00
decnet Remove DECnet support from kernel 2023-06-21 15:38:58 +02:00
dns_resolver
dsa
ethernet
hsr net: hsr: Fix potential use-after-free 2022-12-08 11:16:32 +01:00
ieee802154 net: ieee802154: fix error return code in dgram_bind() 2022-11-03 23:50:54 +09:00
ife
ipv4 xfrm: Linearize the skb after offloading if needed. 2023-06-28 10:14:19 +02:00
ipv6 xfrm: Linearize the skb after offloading if needed. 2023-06-28 10:14:19 +02:00
ipx
iucv net/iucv: Fix size of interrupt data 2023-03-22 13:26:15 +01:00
kcm kcm: close race conditions on sk_receive_queue 2022-11-25 17:36:54 +01:00
key af_key: Reject optional tunnel/BEET mode templates in outbound policies 2023-05-30 12:38:36 +01:00
l2tp inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy(). 2023-04-26 11:18:57 +02:00
l3mdev
lapb
llc llc: only change llc->dev when bind() succeeds 2022-03-28 08:22:27 +02:00
mac80211 wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta 2023-04-20 12:02:10 +02:00
mac802154 mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add() 2022-12-14 11:26:14 +01:00
mpls net: mpls: fix stale pointer if allocation fails during device rename 2023-02-22 12:46:06 +01:00
ncsi
netfilter netfilter: nf_tables: disallow element updates of bound anonymous sets 2023-06-28 10:14:20 +02:00
netlabel
netlink netlink: annotate accesses to nlk->cb_running 2023-05-30 12:38:34 +01:00
netrom netrom: fix info-leak in nr_write_internal() 2023-06-09 10:22:48 +02:00
nfc nfc: change order inside nfc_se_io error path 2023-03-17 08:30:37 +01:00
nsh net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() 2023-05-30 12:38:36 +01:00
openvswitch net: openvswitch: fix flow memory leak in ovs_flow_cmd_new 2023-02-22 12:46:01 +01:00
packet af_packet: do not use READ_ONCE() in packet_bind() 2023-06-09 10:22:48 +02:00
phonet phonet: refcount leak in pep_sock_accep 2022-01-11 13:57:37 +01:00
psample
qrtr
rds net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks() 2022-10-26 13:17:00 +02:00
rfkill
rose net/rose: Fix to not accept on connected socket 2023-02-22 12:46:05 +01:00
rxrpc rxrpc: Don't try to resend the request if we're receiving the reply 2022-06-14 16:53:50 +02:00
sched net: sched: move rtm_tca_policy declaration to include file 2023-06-14 10:35:25 +02:00
sctp sctp: fix an error code in sctp_sf_eat_auth() 2023-06-21 15:38:58 +02:00
smc net/smc: non blocking recvmsg() return -EAGAIN when no data and signal_pending 2022-05-18 09:18:06 +02:00
strparser
sunrpc SUNRPC: remove the maximum number of retries in call_bind_status 2023-05-17 11:11:45 +02:00
switchdev
tipc net: tipc: resize nlattr array to correct size 2023-06-21 15:38:59 +02:00
tls
unix af_unix: Fix a data race of sk->sk_receive_queue->qlen. 2023-05-30 12:38:34 +01:00
vmw_vsock vsock: avoid to close connected socket after the timeout 2023-05-30 12:38:36 +01:00
wimax
wireless wifi: cfg80211: Partial revert "wifi: cfg80211: Fix use after free for wext" 2023-03-13 10:16:26 +01:00
x25 net/x25: Fix to not accept on connected socket 2023-02-22 12:46:02 +01:00
xfrm xfrm: Update ipcomp_scratches with NULL when freed 2022-10-26 13:17:09 +02:00
compat.c
Kconfig Remove DECnet support from kernel 2023-06-21 15:38:58 +02:00
Makefile Remove DECnet support from kernel 2023-06-21 15:38:58 +02:00
socket.c net: annotate sk->sk_err write from do_recvmmsg() 2023-05-30 12:38:34 +01:00
sysctl_net.c