]> www.infradead.org Git - users/dwmw2/linux.git/commit
projects / users / dwmw2 / linux.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 36534d3) | patch
netfilter: nft_inner: validate mandatory meta and payload
authorDavide Ornaghi <d.ornaghi97@gmail.com>
Wed, 5 Jun 2024 11:03:45 +0000 (13:03 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Tue, 11 Jun 2024 16:46:04 +0000 (18:46 +0200)
commitc4ab9da85b9df3692f861512fe6c9812f38b7471
tree40f367fd39317bc07a0eed8f9947c0e6e711ca83tree
parent36534d3c54537bf098224a32dc31397793d4594dcommit | diff
netfilter: nft_inner: validate mandatory meta and payload

Check for mandatory netlink attributes in payload and meta expression
when used embedded from the inner expression, otherwise NULL pointer
dereference is possible from userspace.

Fixes: a150d122b6bd ("netfilter: nft_meta: add inner match support")
Fixes: 3a07327d10a0 ("netfilter: nft_inner: support for inner tunnel header matching")
Signed-off-by: Davide Ornaghi <d.ornaghi97@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nft_meta.c diff | blob | history
net/netfilter/nft_payload.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.