From: Greg Kroah-Hartman Date: Fri, 20 Oct 2023 17:46:13 +0000 (+0200) Subject: 4.19-stable patches X-Git-Tag: v4.14.328~91 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=65597481ce70ff3a0b70775f8ccd1fa34fd14832;p=thirdparty%2Fkernel%2Fstable-queue.git 4.19-stable patches added patches: netfilter-nft_payload-fix-wrong-mac-header-matching.patch --- diff --git a/queue-4.19/netfilter-nft_payload-fix-wrong-mac-header-matching.patch b/queue-4.19/netfilter-nft_payload-fix-wrong-mac-header-matching.patch new file mode 100644 index 00000000000..f952c4bfb53 --- /dev/null +++ b/queue-4.19/netfilter-nft_payload-fix-wrong-mac-header-matching.patch @@ -0,0 +1,37 @@ +From d351c1ea2de3e36e608fc355d8ae7d0cc80e6cd6 Mon Sep 17 00:00:00 2001 +From: Florian Westphal +Date: Sun, 8 Oct 2023 19:36:53 +0200 +Subject: netfilter: nft_payload: fix wrong mac header matching +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Florian Westphal + +commit d351c1ea2de3e36e608fc355d8ae7d0cc80e6cd6 upstream. + +mcast packets get looped back to the local machine. +Such packets have a 0-length mac header, we should treat +this like "mac header not set" and abort rule evaluation. + +As-is, we just copy data from the network header instead. + +Fixes: 96518518cc41 ("netfilter: add nftables") +Reported-by: Blažej Krajňák +Signed-off-by: Florian Westphal +Signed-off-by: Greg Kroah-Hartman +--- + net/netfilter/nft_payload.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/net/netfilter/nft_payload.c ++++ b/net/netfilter/nft_payload.c +@@ -84,7 +84,7 @@ static void nft_payload_eval(const struc + + switch (priv->base) { + case NFT_PAYLOAD_LL_HEADER: +- if (!skb_mac_header_was_set(skb)) ++ if (!skb_mac_header_was_set(skb) || skb_mac_header_len(skb) == 0) + goto err; + + if (skb_vlan_tag_present(skb)) { diff --git a/queue-4.19/series b/queue-4.19/series index c8235fe3d6a..3f1a5445ea7 100644 --- a/queue-4.19/series +++ b/queue-4.19/series @@ -52,3 +52,4 @@ bluetooth-avoid-memcmp-out-of-bounds-warning.patch nfc-nci-fix-possible-null-pointer-dereference-in-send_acknowledge.patch regmap-fix-null-deref-on-lookup.patch kvm-x86-mask-lvtpc-when-handling-a-pmi.patch +netfilter-nft_payload-fix-wrong-mac-header-matching.patch