]> git.ipfire.org Git - thirdparty/kernel/linux.git/commit
projects / thirdparty / kernel / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: dcb0f9a) | patch
netfilter: ctnetlink: check tuple and mask in expectations created via nfqueue
authorPablo Neira Ayuso <pablo@netfilter.org>
Thu, 7 May 2026 21:57:55 +0000 (23:57 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Thu, 7 May 2026 23:30:17 +0000 (01:30 +0200)
commitd8ef54c83ad70b81735b506431affadd2f720aa1
tree07fdb027fb7c86d737f48b2d0c47608482188112tree | snapshot
parentdcb0f9aefdd604d36710fda53c25bd7cf4a3e37acommit | diff
netfilter: ctnetlink: check tuple and mask in expectations created via nfqueue

Ensure the expectation tuple and mask attributes are present in netlink
message, otherwise null-ptr-deref is possible.

Fixes: bd0779370588 ("netfilter: nfnetlink_queue: allow to attach expectations to conntracks")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nf_conntrack_netlink.c diff | blob | blame | history
A mirror of Linus' kernel repository