diff options
| author |   David S. Miller <davem@davemloft.net> | 2018-06-28 13:32:44 +0900 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2018-06-28 13:32:44 +0900 |
| commit | 09014418391cab8b11427d19d8c968b594f56925 (patch) | |
| tree | 67987b4c5dd5bd4e84fb4ced62a84cf1e3eea37a /net/bpfilter | |
| parent | nfp: cast sizeof() to int when comparing with error code (diff) | |
| parent | netfilter: nf_conncount: fix garbage collection confirm race (diff) | |
| download | linux-dev-09014418391cab8b11427d19d8c968b594f56925.tar.xz linux-dev-09014418391cab8b11427d19d8c968b594f56925.zip | |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
Pablo Neira Ayuso says:
====================
Netfilter fixes for net
The following patchset contains Netfilter fixes for your net tree:
1) Missing netlink attribute validation in nf_queue, uncovered by KASAN,
from Eric Dumazet.
2) Use pointer to sysctl table, save us 192 bytes of memory per netns.
Also from Eric.
3) Possible use-after-free when removing conntrack helper modules due
to missing synchronize RCU call. From Taehee Yoo.
4) Fix corner case in systcl writes to nf_log that lead to appending
data to uninitialized buffer, from Jann Horn.
5) Jann Horn says we may indefinitely block other users of nf_log_mutex
if a userspace access in proc_dostring() blocked e.g. due to a
userfaultfd.
6) Fix garbage collection race for unconfirmed conntrack entries,
from Florian Westphal.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/bpfilter')
0 files changed, 0 insertions, 0 deletions