shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-03-24 19:40:21 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
9cb084df01e198119de477ac691d682fb01e80f3
linux/net
History
Pablo Neira Ayuso 9cb084df01 netfilter: nf_tables: do not allow mismatch field size and set key length 
[ Upstream commit 3ce67e3793f48c1b9635beb9bb71116ca1e51b58 ]

The set description provides the size of each field in the set whose sum
should not mismatch the set key length, bail out otherwise.

I did not manage to crash nft_set_pipapo with mismatch fields and set key
length so far, but this is UB which must be disallowed.

Fixes: f3a2181e16 ("netfilter: nf_tables: Support for sets with multiple ranged fields")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-01-25 15:27:51 -08:00
..
6lowpan
net: 6lowpan: constify lowpan_nhc structures
2022-06-09 21:53:28 +02:00
9p
net: 9p: avoid freeing uninit memory in p9pdu_vreadf
2024-01-01 12:39:04 +00:00
802
mrp: introduce active flags to prevent UAF when applicant uninit
2022-12-31 13:33:02 +01:00
8021q
net: check vlan filter feature in vlan_vids_add_by_dev() and vlan_vids_del_by_dev()
2024-01-01 12:38:57 +00:00
appletalk
appletalk: Fix Use-After-Free in atalk_ioctl
2023-12-20 17:00:19 +01:00
atm
atm: Fix Use-After-Free in do_vcc_ioctl
2023-12-20 17:00:17 +01:00
ax25
ax25: move from strlcpy with unused retval to strscpy
2022-08-22 17:55:50 -07:00
batman-adv
net: vlan: introduce skb_vlan_eth_hdr()
2023-12-20 17:00:16 +01:00
bluetooth
Bluetooth: Fix atomicity violation in {min,max}_key_size_set
2024-01-25 15:27:43 -08:00
bpf
Revert "bpf, test_run: fix &xdp_frame misplacement for LIVE_FRAMES"
2023-03-17 08:50:32 +01:00
bpfilter
uaccess: remove CONFIG_SET_FS
2022-02-25 09:36:06 +01:00
bridge
netfilter: bridge: replace physindev with physinif in nf_bridge_info
2024-01-25 15:27:51 -08:00
caif
net: caif: Fix use-after-free in cfusbl_device_notify()
2023-03-17 08:50:24 +01:00
can
net: annotate data-races around sk->sk_tsflags
2024-01-10 17:10:23 +01:00
ceph
libceph: use kernel_connect()
2023-10-19 23:08:56 +02:00
core
Revert "net: rtnetlink: Enslave device before bringing it up"
2024-01-25 15:27:43 -08:00
dcb
net: dcb: choose correct policy to parse DCB_ATTR_BCN
2023-08-11 12:08:17 +02:00
dccp
dccp/tcp: Call security_inet_conn_request() after setting IPv6 addresses.
2023-11-20 11:52:16 +01:00
devlink
devlink: remove reload failed checks in params get/set callbacks
2023-09-23 11:11:01 +02:00
dns_resolver
keys, dns: Fix size check of V1 server-list header
2024-01-25 15:27:38 -08:00
dsa
net: dsa: sja1105: always enable the send_meta options
2023-07-19 16:22:06 +02:00
ethernet
net: gro: skb_gro_header helper function
2022-08-25 10:33:21 +02:00
ethtool
ethtool: don't propagate EOPNOTSUPP from dumps
2024-01-10 17:10:32 +01:00
hsr
hsr: Prevent use after free in prp_create_tagged_frame()
2023-11-20 11:52:15 +01:00
ieee802154
net: ieee802154: fix error return code in dgram_bind()
2022-10-07 09:29:17 +02:00
ife
net: sched: ife: fix potential use-after-free
2024-01-01 12:38:56 +00:00
ipv4
netfilter: bridge: replace physindev with physinif in nf_bridge_info
2024-01-25 15:27:51 -08:00
ipv6
netfilter: bridge: replace physindev with physinif in nf_bridge_info
2024-01-25 15:27:51 -08:00
iucv
net/iucv: Fix size of interrupt data
2023-03-22 13:33:50 +01:00
kcm
kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg().
2023-09-19 12:28:10 +02:00
key
net: af_key: fix sadb_x_filter validation
2023-08-23 17:52:32 +02:00
l2tp
udp: annotate data-races around udp->encap_type
2024-01-10 17:10:28 +01:00
l3mdev
l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using netdev_master_upper_dev_get_rcu
2022-04-15 14:27:24 -07:00
lapb
net: lapb: Use list_for_each_entry() to simplify code in lapb_iface.c
2021-06-08 16:31:25 -07:00
llc
llc: verify mac len before reading mac header
2023-11-20 11:52:15 +01:00
mac80211
wifi: mac80211: handle 320 MHz in ieee80211_ht_cap_ie_to_sta_ht_cap
2024-01-20 11:50:03 +01:00
mac802154
mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add()
2022-12-05 09:53:08 +01:00
mctp
mctp: perform route lookups under a RCU read-side lock
2023-10-19 23:08:57 +02:00
mpls
net: mpls: fix stale pointer if allocation fails during device rename
2023-02-22 12:59:53 +01:00
mptcp
mptcp: relax check on MPC passive fallback
2024-01-25 15:27:50 -08:00
ncsi
net/ncsi: Fix netlink major/minor version numbers
2024-01-25 15:27:24 -08:00
netfilter
netfilter: nf_tables: do not allow mismatch field size and set key length
2024-01-25 15:27:51 -08:00
netlabel
calipso: fix memory leak in netlbl_calipso_add_pass()
2024-01-25 15:27:20 -08:00
netlink
drop_monitor: Require 'CAP_SYS_ADMIN' when joining "events" group
2023-12-13 18:39:12 +01:00
netrom
netrom: Deny concurrent connect().
2023-09-13 09:42:35 +02:00
nfc
nfc: llcp_core: Hold a ref to llcp_local->dev when holding a ref to llcp_local
2024-01-10 17:10:22 +01:00
nsh
net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()
2023-05-24 17:32:45 +01:00
openvswitch
net/sched: act_ct: Always fill offloading tuple iifidx
2024-01-10 17:10:36 +01:00
packet
packet: Move reference count in packet_sock to atomic_long_t
2023-12-13 18:39:20 +01:00
phonet
net: remove noblock parameter from recvmsg() entities
2022-04-12 15:00:25 +02:00
psample
psample: Require 'CAP_NET_ADMIN' when joining "packets" group
2023-12-13 18:39:11 +01:00
qrtr
net: qrtr: ns: Return 0 if server port is not present
2024-01-20 11:50:09 +01:00
rds
net: prevent address rewrite in kernel_bind()
2023-10-19 23:08:50 +02:00
rfkill
net: rfkill: gpio: set GPIO direction
2024-01-01 12:39:04 +00:00
rose
net/rose: fix races in rose_kill_by_device()
2024-01-01 12:38:57 +00:00
rxrpc
rxrpc: Fix hard call timeout units
2023-05-17 11:53:35 +02:00
sched
net/sched: act_ct: fix skb leak and crash on ooo frags
2024-01-25 15:27:31 -08:00
sctp
sctp: fix busy polling
2024-01-25 15:27:30 -08:00
smc
net/smc: fix invalid link access in dumping SMC-R connections
2024-01-10 17:10:25 +01:00
strparser
strparser: pad sk_skb_cb to avoid straddling cachelines
2022-07-08 18:38:44 -07:00
sunrpc
SUNRPC: fix _xprt_switch_find_current_entry logic
2024-01-25 15:27:23 -08:00
switchdev
net: rename reference+tracking helpers
2022-06-09 21:52:55 -07:00
tipc
tipc: Fix kernel-infoleak due to uninitialized TLV value
2023-11-28 17:07:05 +00:00
tls
net: tls, update curr on splice as well
2023-12-20 17:00:28 +01:00
unix
bpf: sockmap, fix proto update hook to avoid dup calls
2024-01-25 15:27:30 -08:00
vmw_vsock
virtio/vsock: fix logic which reduces credit update messages
2024-01-25 15:27:28 -08:00
wireless
wifi: cfg80211: lock wiphy mutex for rfkill poll
2024-01-20 11:50:03 +01:00
x25
net/x25: Fix to not accept on connected socket
2023-02-09 11:28:13 +01:00
xdp
xsk: Skip polling event check for unbound socket
2023-12-13 18:39:08 +01:00
xfrm
net: xfrm: skip policies marked as dead while reinserting policies
2023-10-25 12:03:12 +02:00
compat.c
use less confusing names for iov_iter direction initializers
2023-02-09 11:28:04 +01:00
devres.c
net: devres: Correct a grammatical error
2021-06-11 12:55:28 -07:00
Kconfig
Remove DECnet support from kernel
2022-08-22 14:26:30 +01:00
Kconfig.debug
net: make NET_(DEV|NS)_REFCNT_TRACKER depend on NET
2022-09-20 14:23:56 -07:00
Makefile
devlink: move code to a dedicated directory
2023-08-30 16:11:00 +02:00
socket.c
splice, net: Add a splice_eof op to file-ops and socket-ops
2024-01-10 17:10:27 +01:00
sysctl_net.c
sections: move and rename core_kernel_data() to is_kernel_core_data()
2021-11-09 10:02:50 -08:00