projects / linux-2.6-block.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(merge: 1864b82 7931d32)
Merge tag 'nf-24-06-27' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf
authorPaolo Abeni <pabeni@redhat.com>
Thu, 27 Jun 2024 11:00:50 +0000 (13:00 +0200)
committerPaolo Abeni <pabeni@redhat.com>
Thu, 27 Jun 2024 11:00:50 +0000 (13:00 +0200)
commitb62cb6a7e83622783100182d9b70e9c70393cfbe
treed0154f68ecbf082ab5692ecf9ace36a21c5cf033tree | snapshot
parent1864b8224195d0e43ddb92a8151f54f6562090cccommit | diff
parent7931d32955e09d0a11b1fe0b6aac1bfa061c005ccommit | diff
Merge tag 'nf-24-06-27' of git://git./linux/kernel/git/netfilter/nf

Pablo Neira Ayuso says:

====================
Netfilter fixes for net

The following patchset contains two Netfilter fixes for net:

Patch #1 fixes CONFIG_SYSCTL=n for a patch coming in the previous PR
 to move the sysctl toggle to enable SRv6 netfilter hooks from
 nf_conntrack to the core, from Jianguo Wu.

Patch #2 fixes a possible pointer leak to userspace due to insufficient
 validation of NFT_DATA_VALUE.

Linus found this pointer leak to userspace via zdi-disclosures@ and
forwarded the notice to Netfilter maintainers, he appears as reporter
because whoever found this issue never approached Netfilter
maintainers neither via security@ nor in private.

netfilter pull request 24-06-27

* tag 'nf-24-06-27' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf:
  netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers
  netfilter: fix undefined reference to 'netfilter_lwtunnel_*' when CONFIG_SYSCTL=n
====================

Link: https://patch.msgid.link/20240626233845.151197-1-pablo@netfilter.org
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Linux 6.x block layer and io_uring tree(s)