lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170313173942.GB26782@breakpoint.cc> Date: Mon, 13 Mar 2017 18:39:42 +0100 From: Florian Westphal <fw@...len.de> To: Dan Streetman <dan.streetman@...onical.com> Cc: David Miller <davem@...emloft.net>, fw@...len.de, eric.dumazet@...il.com, lkml@...ene.org, netdev@...r.kernel.org, netfilter-devel@...r.kernel.org Subject: Re: ip_rcv_finish() NULL pointer kernel panic Dan Streetman <dan.streetman@...onical.com> wrote: > > But I have to say that this netfilter bridging fake dst has caused > > several dozen bugs over the years, it is fundamentally a serious > > problem in and of itself. It provides DST facilities by hand, in a > > static object, without using any of the usual methods for creating and > > facilitating dst objects. > > > > Therefore every time someone makes an adjustment to common dst code, > > this turd (and yes, it _is_ a turd) breaks. Every single time. > > > > So in the long term, instead of polishing this turd, let's get rid of > > it. > > I'm getting reports of this bug as well; is anyone working on removing > the bridge fake dst? I don't see how we can ever remove it (unless we remove the call-iptables feature of course).
Powered by blists - more mailing lists