mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/net
History
Pablo Neira Ayuso 1444835968 netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID 
[ Upstream commit 0ebc1064e4 ]

Bail out with EOPNOTSUPP when adding rule to bound chain via
NFTA_RULE_CHAIN_ID. The following warning splat is shown when
adding a rule to a deleted bound chain:

 WARNING: CPU: 2 PID: 13692 at net/netfilter/nf_tables_api.c:2013 nf_tables_chain_destroy+0x1f7/0x210 [nf_tables]
 CPU: 2 PID: 13692 Comm: chain-bound-rul Not tainted 6.1.39 #1
 RIP: 0010:nf_tables_chain_destroy+0x1f7/0x210 [nf_tables]

Fixes: d0e2c7de92 ("netfilter: nf_tables: add NFT_CHAIN_BINDING")
Reported-by: Kevin Rich <kevinrich1337@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2023-08-03 10:25:53 +02:00
..
6lowpan 6lowpan: Remove redundant initialisation. 2023-03-29 08:22:52 +01:00
9p Including fixes from netfilter. 2023-05-05 19:12:01 -07:00
802
8021q vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit() 2023-05-17 12:55:39 +01:00
appletalk
atm atm: hide unused procfs functions 2023-05-17 21:27:30 -07:00
ax25
batman-adv batman-adv: Broken sync while rescheduling delayed work 2023-05-26 23:14:49 +02:00
bluetooth Bluetooth: SCO: fix sco_conn related locking and validity issues 2023-07-27 08:57:03 +02:00
bpf bpf: add test_run support for netfilter program type 2023-04-21 11:34:50 -07:00
bpfilter
bridge bridge: Add extack warning when enabling STP in netns. 2023-07-27 08:56:55 +02:00
caif net: caif: Fix use-after-free in cfusbl_device_notify() 2023-03-02 22:22:07 -08:00
can can: bcm: Fix UAF in bcm_proc_show() 2023-07-27 08:56:36 +02:00
ceph libceph: harden msgr2.1 frame segment length checks 2023-07-23 13:54:06 +02:00
core xdp: use trusted arguments in XDP hints kfuncs 2023-07-23 13:53:48 +02:00
dcb
dccp dccp: Print deprecation notice. 2023-06-15 15:08:59 -07:00
devlink devlink: report devlink_port_type_warn source device 2023-07-27 08:56:51 +02:00
dns_resolver
dsa net: dsa: sja1105: always enable the send_meta options 2023-07-19 16:36:48 +02:00
ethernet
ethtool ethtool: Fix uninitialized number of lanes 2023-05-03 09:13:20 +01:00
handshake net/handshake: remove fput() that causes use-after-free 2023-06-14 22:26:37 -07:00
hsr hsr: ratelimit only when errors are printed 2023-03-16 21:11:03 -07:00
ieee802154 ieee802154: Replace strlcpy with strscpy 2023-06-16 22:14:24 +02:00
ife
ipv4 tcp: annotate data-races around fastopenq.max_qlen 2023-07-27 08:57:05 +02:00
ipv6 ipv6 addrconf: fix bug where deleting a mngtmpaddr can create a new temporary address 2023-08-03 10:25:51 +02:00
iucv net/iucv: Fix size of interrupt data 2023-03-16 17:34:40 -07:00
kcm
key af_key: Reject optional tunnel/BEET mode templates in outbound policies 2023-05-10 07:04:51 +02:00
l2tp l2tp: generate correct module alias strings 2023-03-31 09:25:12 +01:00
l3mdev
lapb
llc llc: Don't drop packet from non-root netns. 2023-07-27 08:57:01 +02:00
mac80211 wifi: mac80211: Remove "Missing iftype sband data/EHT cap" spam 2023-07-19 16:35:31 +02:00
mac802154 Merge tag 'ieee802154-for-net-2023-06-19' of git://git.kernel.org/pub/scm/linux/kernel/git/wpan/wpan 2023-06-20 09:32:33 +01:00
mctp mctp: remove MODULE_LICENSE in non-modules 2023-03-09 23:06:21 -08:00
mpls net: mpls: fix stale pointer if allocation fails during device rename 2023-02-15 10:26:37 +00:00
mptcp mptcp: ensure subflow is unhashed before cleaning the backlog 2023-07-23 13:54:12 +02:00
ncsi net/ncsi: change from ndo_set_mac_address to dev_set_mac_address 2023-07-23 13:54:17 +02:00
netfilter netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID 2023-08-03 10:25:53 +02:00
netlabel netlabel: fix shift wrapping bug in netlbl_catmap_setlong() 2023-06-10 19:54:06 +01:00
netlink netlink: Add __sock_i_ino() for __netlink_diag_dump(). 2023-07-19 16:35:38 +02:00
netrom netrom: fix info-leak in nr_write_internal() 2023-05-25 21:02:29 -07:00
nfc net: nfc: Fix use-after-free caused by nfc_llcp_find_local 2023-07-19 16:35:36 +02:00
nsh net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() 2023-05-15 08:40:27 +01:00
openvswitch net: openvswitch: fix upcall counter access before allocation 2023-06-07 12:25:05 +01:00
packet af_packet: do not use READ_ONCE() in packet_bind() 2023-05-29 22:03:48 -07:00
phonet
psample
qrtr net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume() 2023-04-13 09:35:30 +02:00
rds
rfkill net: rfkill-gpio: Add explicit include for of.h 2023-04-06 20:36:27 +02:00
rose
rxrpc rxrpc: Truncate UTS_RELEASE for rxrpc version 2023-05-30 10:01:06 +02:00
sched net: sched: cls_bpf: Undo tcf_bind_filter in case of an error 2023-07-27 08:56:57 +02:00
sctp sctp: fix potential deadlock on &net->sctp.addr_wq_lock 2023-07-19 16:36:42 +02:00
smc net/smc: Avoid to access invalid RMBs' MRs in SMCRv1 ADD LINK CONT 2023-06-03 20:51:04 +01:00
strparser
sunrpc SUNRPC: Fix UAF in svc_tcp_listen_data_ready() 2023-07-19 16:36:22 +02:00
switchdev
tipc net: tipc: resize nlattr array to correct size 2023-06-15 14:59:17 -07:00
tls tls: improve lockless access safety of tls_err_abort() 2023-05-26 10:35:58 +01:00
unix bpf, sockmap: Pass skb ownership through read_skb 2023-05-23 16:09:47 +02:00
vmw_vsock bpf, sockmap: Pass skb ownership through read_skb 2023-05-23 16:09:47 +02:00
wireless wifi: wext-core: Fix -Wstringop-overflow warning in ioctl_standard_iw_point() 2023-07-27 08:56:51 +02:00
x25
xdp xsk: Honor SO_BINDTODEVICE on bind 2023-07-19 16:36:47 +02:00
xfrm xfrm: Use xfrm_state selector for BEET input 2023-06-12 10:36:48 +02:00
Kconfig net/handshake: Add Kunit tests for the handshake consumer API 2023-04-19 18:48:48 -07:00
Kconfig.debug
Makefile net/handshake: Create a NETLINK service for handling handshake requests 2023-04-19 18:48:48 -07:00
compat.c net/compat: Update msg_control_is_user when setting a kernel pointer 2023-04-14 11:09:27 +01:00
devres.c
socket.c net: annotate sk->sk_err write from do_recvmmsg() 2023-05-10 09:58:29 +01:00
sysctl_net.c