projects / linux-2.6-block.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | combined (merge: 7973bfd 3f34cfa)
Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
authorDavid S. Miller <davem@davemloft.net>
Thu, 1 Feb 2018 19:41:46 +0000 (14:41 -0500)
committerDavid S. Miller <davem@davemloft.net>
Thu, 1 Feb 2018 19:41:46 +0000 (14:41 -0500)
Pablo Neira Ayuso says:

====================
Netfilter fixes for net

The following patchset contains Netfilter fixes for your net tree,
they are:

1) Fix OOM that syskaller triggers with ipt_replace.size = -1 and
   IPT_SO_SET_REPLACE socket option, from Dmitry Vyukov.

2) Check for too long extension name in xt_request_find_{match|target}
   that result in out-of-bound reads, from Eric Dumazet.

3) Fix memory exhaustion bug in ipset hash:*net* types when adding ranges
   that look like x.x.x.x-255.255.255.255, from Jozsef Kadlecsik.

4) Fix pointer leaks to userspace in x_tables, from Dmitry Vyukov.

5) Insufficient sanity checks in clusterip_tg_check(), also from Dmitry.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
1  2 
net/ipv4/ip_sockglue.c patch | diff1 | diff2 | blob | history
net/ipv4/netfilter/ipt_CLUSTERIP.c patch | diff1 | diff2 | blob | history
net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c patch | diff1 | diff2 | blob | history
net/ipv6/ipv6_sockglue.c patch | diff1 | diff2 | blob | history
net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c patch | diff1 | diff2 | blob | history
net/netfilter/x_tables.c patch | diff1 | diff2 | blob | history

diff --cc net/ipv4/ip_sockglue.c
Simple merge
diff --cc net/ipv4/netfilter/ipt_CLUSTERIP.c
Simple merge
diff --cc net/ipv6/ipv6_sockglue.c
Simple merge
diff --cc net/netfilter/x_tables.c
Simple merge
Linux 6.x block layer and io_uring tree(s)