| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20220425105354.GC26757@breakpoint.cc>
Date: Mon, 25 Apr 2022 12:53:54 +0200
From: Florian Westphal <fw@...len.de>
To: Ilya Maximets <i.maximets@....org>
Cc: Florian Westphal <fw@...len.de>,
Mark Mielke <mark.mielke@...il.com>, dev@...nvswitch.org,
netdev@...r.kernel.org, stable@...r.kernel.org,
Jakub Kicinski <kuba@...nel.org>,
Paolo Abeni <pabeni@...hat.com>,
"David S. Miller" <davem@...emloft.net>,
Pablo Neira Ayuso <pablo@...filter.org>,
Antti Antinoja <antti@...nosys.fi>
Subject: Re: [ovs-dev] [PATCH] openvswitch: Ensure nf_ct_put is not called
with null pointer
Ilya Maximets <i.maximets@....org> wrote:
> Hi, Florian.
>
> There is a problem on 5.15 longterm tree where the offending commit
> got backported, but the previous one was not, so it triggers an issue
> while loading the openvswitch module.
>
> To be more clear, v5.15.35 contains the following commit:
> 408bdcfce8df ("net: prefer nf_ct_put instead of nf_conntrack_put")
> backported as commit 72dd9e61fa319bc44020c2d365275fc8f6799bff, but
> it doesn't have the previous one:
> 6ae7989c9af0 ("netfilter: conntrack: avoid useless indirection during conntrack destruction")
> that adds the NULL pointer check to the nf_ct_put().
>
> Either 6ae7989c9af0 should be backported to 5.15 or 72dd9e61fa31
> reverted on that tree.
The commit was never meant to be backported to stable, it doesn't fix any bug.
I suspect it was done to take 'net/sched: act_ct: fix ref leak when
switching zones' without munging it.
I suggest to add stable-only patch that makes nf_ct_put(NULL)
legal, like in linux.git, but I don't know stable team preferences.
Powered by blists - more mailing lists