lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20230606225851.67394-1-pablo@netfilter.org>
Date: Wed,  7 Jun 2023 00:58:46 +0200
From: Pablo Neira Ayuso <pablo@...filter.org>
To: netfilter-devel@...r.kernel.org
Cc: davem@...emloft.net,
	netdev@...r.kernel.org,
	kuba@...nel.org,
	pabeni@...hat.com,
	edumazet@...gle.com,
	fw@...len.de
Subject: [PATCH net 0/5] Netfilter fixes for net

Hi,

The following patchset contains Netfilter fixes for net:

1) Missing nul-check in basechain hook netlink dump path, from Gavrilov Ilia.

2) Fix bitwise register tracking, from Jeremy Sowden.

3) Null pointer dereference when accessing conntrack helper,
   from Tijs Van Buggenhout.

4) Add schedule point to ipset's call_ad, from Kuniyuki Iwashima.

5) Incorrect boundary check when building chain blob.

Please, pull these changes from:

  git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git nf-23-06-07

Thanks.

----------------------------------------------------------------

The following changes since commit 9025944fddfed5966c8f102f1fe921ab3aee2c12:

  net: fec: add dma_wmb to ensure correct descriptor values (2023-05-19 09:17:53 +0100)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git tags/nf-23-06-07

for you to fetch changes up to 08e42a0d3ad30f276f9597b591f975971a1b0fcf:

  netfilter: nf_tables: out-of-bound check in chain blob (2023-06-07 00:43:44 +0200)

----------------------------------------------------------------
netfilter pull request 23-06-07

----------------------------------------------------------------
Gavrilov Ilia (1):
      netfilter: nf_tables: Add null check for nla_nest_start_noflag() in nft_dump_basechain_hook()

Jeremy Sowden (1):
      netfilter: nft_bitwise: fix register tracking

Kuniyuki Iwashima (1):
      netfilter: ipset: Add schedule point in call_ad().

Pablo Neira Ayuso (1):
      netfilter: nf_tables: out-of-bound check in chain blob

Tijs Van Buggenhout (1):
      netfilter: conntrack: fix NULL pointer dereference in nf_confirm_cthelper

 net/netfilter/ipset/ip_set_core.c | 8 ++++++++
 net/netfilter/nf_conntrack_core.c | 3 +++
 net/netfilter/nf_tables_api.c     | 4 +++-
 net/netfilter/nft_bitwise.c       | 2 +-
 4 files changed, 15 insertions(+), 2 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ