linux-stable/net
Xingyuan Mo d6ba6de49c nf_tables: fix NULL pointer dereference in nft_inner_init()
commit 52177bbf19 upstream.

We should check whether the NFTA_INNER_NUM netlink attribute is present
before accessing it, otherwise a null pointer dereference error will occur.

Call Trace:
 dump_stack_lvl+0x4f/0x90
 print_report+0x3f0/0x620
 kasan_report+0xcd/0x110
 __asan_load4+0x84/0xa0
 nft_inner_init+0x128/0x2e0
 nf_tables_newrule+0x813/0x1230
 nfnetlink_rcv_batch+0xec3/0x1170
 nfnetlink_rcv+0x1e4/0x220
 netlink_unicast+0x34e/0x4b0
 netlink_sendmsg+0x45c/0x7e0
 __sys_sendto+0x355/0x370
 __x64_sys_sendto+0x84/0xa0
 do_syscall_64+0x3f/0x90
 entry_SYSCALL_64_after_hwframe+0x6e/0xd8

Fixes: 3a07327d10 ("netfilter: nft_inner: support for inner tunnel header matching")
Signed-off-by: Xingyuan Mo <hdthky0@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-10-25 12:16:15 +02:00
6lowpan 6lowpan: Remove redundant initialisation. 2023-03-29 08:22:52 +01:00
9p 9p: remove dead stores (variable set again without being read) 2023-07-20 19:14:50 +00:00
802 treewide: Convert del_timer*() to timer_shutdown*() 2022-12-25 13:38:09 -08:00
8021q Revert "vlan: Fix VLAN 0 memory leak" 2023-08-14 08:14:00 +01:00
appletalk sock: Remove ->sendpage*() in favour of sendmsg(MSG_SPLICE_PAGES) 2023-06-24 15:50:13 -07:00
atm sock: Remove ->sendpage*() in favour of sendmsg(MSG_SPLICE_PAGES) 2023-06-24 15:50:13 -07:00
ax25 sock: Remove ->sendpage*() in favour of sendmsg(MSG_SPLICE_PAGES) 2023-06-24 15:50:13 -07:00
batman-adv batman-adv: Hold rtnl lock during MTU update via netlink 2023-08-22 17:25:10 -07:00
bluetooth Bluetooth: hci_conn: Fix modifying handle while aborting 2023-10-25 12:16:09 +02:00
bpf bpf: Move kernel test kfuncs to bpf_testmod 2023-05-16 22:09:24 -07:00
bpfilter net: Use umd_cleanup_helper() 2023-05-31 13:06:57 +02:00
bridge neighbour: fix data-races around n->output 2023-10-10 22:03:01 +02:00
caif sock: Remove ->sendpage*() in favour of sendmsg(MSG_SPLICE_PAGES) 2023-06-24 15:50:13 -07:00
can can: isotp: isotp_sendmsg(): fix TX state detection and wait behavior 2023-10-19 23:10:59 +02:00
ceph libceph: use kernel_connect() 2023-10-19 23:11:05 +02:00
core netlink: Correct offload_xstats size 2023-10-25 12:16:15 +02:00
dcb net: dcb: choose correct policy to parse DCB_ATTR_BCN 2023-08-01 21:07:46 -07:00
dccp dccp: fix dccp_v4_err()/dccp_v6_err() again 2023-10-06 13:15:54 +02:00
devlink devlink: Hold devlink lock on health reporter dump get 2023-10-19 23:10:59 +02:00
dns_resolver cred: Do not default to init_cred in prepare_kernel_cred() 2022-11-01 10:04:52 -07:00
dsa net: dsa: fix older DSA drivers using phylink 2023-07-27 17:19:46 -07:00
ethernet net: ethernet: use sysfs_emit() to instead of scnprintf() 2022-12-07 20:02:44 -08:00
ethtool ethtool: plca: fix plca enable data type while parsing the value 2023-10-10 22:03:02 +02:00
handshake net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() 2023-10-06 13:15:57 +02:00
hsr net: hsr: Add __packed to struct hsr_sup_tlv. 2023-10-06 13:16:17 +02:00
ieee802154 sock: Remove ->sendpage*() in favour of sendmsg(MSG_SPLICE_PAGES) 2023-06-24 15:50:13 -07:00
ife
ipv4 ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr 2023-10-25 12:16:14 +02:00
ipv6 net: ipv6: fix return value check in esp_remove_trailer 2023-10-25 12:16:13 +02:00
iucv net/iucv: Fix size of interrupt data 2023-03-16 17:34:40 -07:00
kcm kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg(). 2023-09-19 12:30:30 +02:00
key net: af_key: fix sadb_x_filter validation 2023-06-29 10:47:29 +02:00
l2tp ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() 2023-10-10 22:03:01 +02:00
l3mdev
lapb
llc llc: Don't drop packet from non-root netns. 2023-07-20 10:46:28 +02:00
mac80211 wifi: mac80211: Create resources for disabled links 2023-10-10 22:03:00 +02:00
mac802154 Core WPAN changes: 2023-06-24 15:41:46 -07:00
mctp mctp: perform route lookups under a RCU read-side lock 2023-10-19 23:11:06 +02:00
mpls net: move gso declarations and functions to their own files 2023-06-10 00:11:41 -07:00
mptcp mptcp: more conservative check for zero probes 2023-10-25 12:16:11 +02:00
ncsi ncsi: Propagate carrier gain/loss events to the NCSI controller 2023-10-06 13:16:17 +02:00
netfilter nf_tables: fix NULL pointer dereference in nft_inner_init() 2023-10-25 12:16:15 +02:00
netlabel netlabel: Reorder fields in 'struct netlbl_domaddr6_map' 2023-06-20 20:06:56 -07:00
netlink netlink: annotate data-races around sk->sk_err 2023-10-10 22:03:03 +02:00
netrom netrom: Deny concurrent connect(). 2023-09-13 09:53:12 +02:00
nfc nfc: nci: fix possible NULL pointer dereference in send_acknowledge() 2023-10-25 12:16:10 +02:00
nsh net: move gso declarations and functions to their own files 2023-06-10 00:11:41 -07:00
openvswitch net: openvswitch: reject negative ifindex 2023-08-15 19:07:52 -07:00
packet af_packet: Fix fortified memcpy() without flex array. 2023-10-19 23:11:01 +02:00
phonet sock: Remove ->sendpage*() in favour of sendmsg(MSG_SPLICE_PAGES) 2023-06-24 15:50:13 -07:00
psample
qrtr Networking changes for 6.5. 2023-06-28 16:43:10 -07:00
rds net: prevent address rewrite in kernel_bind() 2023-10-19 23:10:56 +02:00
rfkill net: rfkill: gpio: prevent value glitch during probe 2023-10-25 12:16:14 +02:00
rose sock: Remove ->sendpage*() in favour of sendmsg(MSG_SPLICE_PAGES) 2023-06-24 15:50:13 -07:00
rxrpc Networking changes for 6.5. 2023-06-28 16:43:10 -07:00
sched net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve 2023-10-25 12:16:15 +02:00
sctp sctp: update hb timer immediately after users change hb_interval 2023-10-10 22:03:03 +02:00
smc net/smc: return the right falback reason when prefix checks fail 2023-10-25 12:16:10 +02:00
strparser
sunrpc Revert "SUNRPC dont update timeout value on connection reset" 2023-10-06 13:16:23 +02:00
switchdev
tipc tipc: fix a potential deadlock on &tx->lock 2023-10-10 22:03:03 +02:00
tls net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() 2023-09-19 12:30:29 +02:00
unix af_unix: Fix data-race around unix_tot_inflight. 2023-09-19 12:30:18 +02:00
vmw_vsock sock: Remove ->sendpage*() in favour of sendmsg(MSG_SPLICE_PAGES) 2023-06-24 15:50:13 -07:00
wireless wifi: cfg80211: use system_unbound_wq for wiphy work 2023-10-25 12:16:13 +02:00
x25 sock: Remove ->sendpage*() in favour of sendmsg(MSG_SPLICE_PAGES) 2023-06-24 15:50:13 -07:00
xdp xdp: Fix zero-size allocation warning in xskq_create() 2023-10-19 23:11:00 +02:00
xfrm net: xfrm: skip policies marked as dead while reinserting policies 2023-10-25 12:16:13 +02:00
compat.c net/compat: Update msg_control_is_user when setting a kernel pointer 2023-04-14 11:09:27 +01:00
devres.c
Kconfig net/core: Enable socket busy polling on -RT 2023-05-26 08:51:26 +01:00
Kconfig.debug net: make NET_(DEV|NS)_REFCNT_TRACKER depend on NET 2022-09-20 14:23:56 -07:00
Makefile net/handshake: Create a NETLINK service for handling handshake requests 2023-04-19 18:48:48 -07:00
socket.c net: prevent address rewrite in kernel_bind() 2023-10-19 23:10:56 +02:00
sysctl_net.c