]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
projects / thirdparty / kernel / stable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a94493d) | patch
netfilter: nf_conncount: fix leaked ct in error paths
authorFernando Fernandez Mancera <fmancera@suse.de>
Fri, 5 Dec 2025 11:58:01 +0000 (12:58 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 19 Jan 2026 12:09:43 +0000 (13:09 +0100)
commite1ac8dce3a893641bef224ad057932f142b8a36f
tree827047f96ff34f46ee38d133cde5ae94eedba805tree | snapshot
parenta94493dd78b4ebd7f9c3433c6129fb889fcb5b29commit | diff
netfilter: nf_conncount: fix leaked ct in error paths

[ Upstream commit 2e2a720766886190a6d35c116794693aabd332b6 ]

There are some situations where ct might be leaked as error paths are
skipping the refcounted check and return immediately. In order to solve
it make sure that the check is always called.

Fixes: be102eb6a0e7 ("netfilter: nf_conncount: rework API to use sk_buff directly")
Signed-off-by: Fernando Fernandez Mancera <fmancera@suse.de>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>
net/netfilter/nf_conncount.c diff | blob | blame | history
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git