mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-17 16:15:18 +00:00
Code Issues Releases Wiki Activity
linux-stable/net
History
Thadeu Lima de Souza Cascardo 36d5b29132 netfilter: nf_tables: do not allow RULE_ID to refer to another chain 
When doing lookups for rules on the same batch by using its ID, a rule from
a different chain can be used. If a rule is added to a chain but tries to
be positioned next to a rule from a different chain, it will be linked to
chain2, but the use counter on chain1 would be the one to be incremented.

When looking for rules by ID, use the chain that was used for the lookup by
name. The chain used in the context copied to the transaction needs to
match that same chain. That way, struct nft_rule does not need to get
enlarged with another member.

Fixes: 1a94e38d25 ("netfilter: nf_tables: add NFTA_RULE_ID attribute")
Fixes: 75dd48e2e4 ("netfilter: nf_tables: Support RULE_ID reference in new rule")
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2022-08-09 19:38:18 +02:00
..
6lowpan net: 6lowpan: constify lowpan_nhc structures 2022-06-09 21:53:28 +02:00
9p 9p: handling Rerror without copy_from_iter_full() 2022-06-09 10:01:34 -04:00
802
8021q Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-07-14 15:27:35 -07:00
appletalk
atm
ax25 net: avoid overflow when rose /proc displays timer information. 2022-08-05 19:00:02 -07:00
batman-adv net: wrap the wireless pointers in struct net_device in an ifdef 2022-05-22 21:51:54 +01:00
bluetooth Bluetooth: ISO: Fix not using the correct QoS 2022-08-08 17:06:36 -07:00
bpf bpf: Add support for forcing kfunc args to be trusted 2022-07-21 21:03:09 -07:00
bpfilter
bridge Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-07-28 18:21:16 -07:00
caif caif: Fix bitmap data type in "struct caifsock" 2022-07-22 12:51:45 +01:00
can Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-07-07 12:07:37 -07:00
ceph libceph: use swap() macro instead of taking tmp variable 2022-05-25 20:45:13 +02:00
core net: bpf: Use the protocol's set_rcvlowat behavior if there is one 2022-08-08 09:45:14 +01:00
dcb
dccp dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock 2022-08-01 12:11:56 -07:00
decnet dn_route: replace "jiffies-now>0" with "jiffies!=now" 2022-07-29 20:12:49 -07:00
dns_resolver
dsa net: dsa: Fix spelling mistakes and cleanup code 2022-08-01 12:23:06 -07:00
ethernet
ethtool net: delete extra space and tab in blank line 2022-07-25 19:38:31 -07:00
hsr
ieee802154
ife
ipv4 for-5.20/io_uring-zerocopy-send-2022-07-29 2022-08-02 13:37:55 -07:00
ipv6 net: seg6: initialize induction variable to first valid array index 2022-08-05 19:34:54 -07:00
iucv net: keep sk->sk_forward_alloc as small as possible 2022-06-10 16:21:27 -07:00
kcm
key xfrm: change the type of xfrm_register_km and xfrm_unregister_km 2022-06-24 10:19:11 +02:00
l2tp l2tp: l2tp_debugfs: fix Clang -Wformat warnings 2022-07-08 12:14:36 +01:00
l3mdev
lapb
llc net: rename reference+tracking helpers 2022-06-09 21:52:55 -07:00
mac80211 wifi: mac80211: do not abuse fq.lock in ieee80211_do_stop() 2022-07-26 13:23:05 -07:00
mac802154 net: mac802154: Fix symbol durations 2022-04-30 20:29:47 +02:00
mctp Networking changes for 5.19. 2022-05-25 12:22:58 -07:00
mpls
mptcp mptcp: do not queue data on closed subflows 2022-08-05 08:51:28 +01:00
ncsi net/ncsi: use proper "mellanox" DT vendor prefix 2022-06-23 20:51:06 -07:00
netfilter netfilter: nf_tables: do not allow RULE_ID to refer to another chain 2022-08-09 19:38:18 +02:00
netlabel
netlink Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-05-12 16:15:30 -07:00
netrom
nfc net: nfc: Directly use ida_alloc()/free() 2022-05-28 15:28:47 +01:00
nsh
openvswitch Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-06-23 12:33:24 -07:00
packet net/af_packet: check len when min_header_len equals to 0 2022-07-29 12:09:27 +01:00
phonet
psample
qrtr
rds net/rds: Use PTR_ERR instead of IS_ERR for rdsdebug() 2022-08-01 11:45:15 +01:00
rfkill
rose net: rose: add netdev ref tracker to 'struct rose_sock' 2022-08-01 11:59:23 -07:00
rxrpc net: delete extra space and tab in blank line 2022-07-25 19:38:31 -07:00
sched net/sched: remove hacks added to dev_trans_start() for bonding to work 2022-08-03 19:20:13 -07:00
sctp Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-07-28 18:21:16 -07:00
smc net/smc: Enable module load on netlink usage 2022-07-27 13:24:42 +01:00
strparser strparser: pad sk_skb_cb to avoid straddling cachelines 2022-07-08 18:38:44 -07:00
sunrpc Notable regression fixes: 2022-07-02 11:20:56 -07:00
switchdev net: rename reference+tracking helpers 2022-06-09 21:52:55 -07:00
tipc Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-07-28 18:21:16 -07:00
tls net/tls: Remove redundant workqueue flush before destroy 2022-08-01 12:44:38 -07:00
unix Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 2022-07-09 12:24:16 -07:00
vmw_vsock hyperv-next for 5.19 2022-05-28 11:39:01 -07:00
wireless wifi: nl80211: add MLO link ID to the NL80211_CMD_FRAME TX API 2022-07-22 14:28:33 +02:00
x25 net/x25: fix call timeouts in blocking connects 2022-08-08 20:48:51 -07:00
xdp xsk: Mark napi_id on sendmsg() 2022-07-14 22:45:34 +02:00
xfrm Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next 2022-07-25 13:25:39 +01:00
compat.c Merge branch 'for-5.20/io_uring' into for-5.20/io_uring-zerocopy-send 2022-07-24 18:41:03 -06:00
devres.c
Kconfig
Kconfig.debug net: CONFIG_DEBUG_NET depends on CONFIG_NET 2022-06-02 10:15:05 -07:00
Makefile
socket.c Networking changes for 6.0. 2022-08-03 16:29:08 -07:00
sysctl_net.c