diff options
| author | Paolo Abeni <[email protected]> | 2024-06-27 11:00:50 +0000 |
|---|---|---|
| committer | Paolo Abeni <[email protected]> | 2024-06-27 11:00:50 +0000 |
| commit | b62cb6a7e83622783100182d9b70e9c70393cfbe (patch) | |
| tree | d0154f68ecbf082ab5692ecf9ace36a21c5cf033 /drivers/net/dsa/microchip/ksz_common.c | |
| parent | net: mana: Fix possible double free in error handling path (diff) | |
| parent | netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (diff) | |
| download | kernel-b62cb6a7e83622783100182d9b70e9c70393cfbe.tar.gz kernel-b62cb6a7e83622783100182d9b70e9c70393cfbe.zip | |
Merge tag 'nf-24-06-27' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf
Pablo Neira Ayuso says:
====================
Netfilter fixes for net
The following patchset contains two Netfilter fixes for net:
Patch #1 fixes CONFIG_SYSCTL=n for a patch coming in the previous PR
to move the sysctl toggle to enable SRv6 netfilter hooks from
nf_conntrack to the core, from Jianguo Wu.
Patch #2 fixes a possible pointer leak to userspace due to insufficient
validation of NFT_DATA_VALUE.
Linus found this pointer leak to userspace via zdi-disclosures@ and
forwarded the notice to Netfilter maintainers, he appears as reporter
because whoever found this issue never approached Netfilter
maintainers neither via security@ nor in private.
netfilter pull request 24-06-27
* tag 'nf-24-06-27' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf:
netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers
netfilter: fix undefined reference to 'netfilter_lwtunnel_*' when CONFIG_SYSCTL=n
====================
Link: https://patch.msgid.link/[email protected]
Signed-off-by: Paolo Abeni <[email protected]>
Diffstat (limited to 'drivers/net/dsa/microchip/ksz_common.c')
0 files changed, 0 insertions, 0 deletions