lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <490eedd3-bd04-48bc-9526-09a5a786b667@redhat.com>
Date: Thu, 29 Jan 2026 11:40:50 +0100
From: Paolo Abeni <pabeni@...hat.com>
To: Florian Westphal <fw@...len.de>, Jakub Kicinski <kuba@...nel.org>
Cc: netdev@...r.kernel.org, "David S. Miller" <davem@...emloft.net>,
 Eric Dumazet <edumazet@...gle.com>, netfilter-devel@...r.kernel.org,
 pablo@...filter.org
Subject: Re: [PATCH net-next 0/9] netfilter: updates for net-next

On 1/29/26 11:08 AM, Florian Westphal wrote:
> Florian Westphal <fw@...len.de> wrote:
>> Jakub Kicinski <kuba@...nel.org> wrote:
>>> [  580.340726][T19113] sctp: Hash tables configured (bind 32/56)
>>> [  601.749973][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 127.0.0.1:23456. Sending cookies.
>>> [  601.985349][    C2] TCP: request_sock_TCP: Possible SYN flooding on port 127.0.0.1:23456. Sending cookies.
>>> [  602.191750][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 127.0.0.1:23456. Sending cookies.
>>> [  602.555469][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 127.0.0.1:23456. Sending cookies.
>>> [  602.895890][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 127.0.0.1:23456. Sending cookies.
>>> [  603.226543][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 127.0.0.1:23456. Sending cookies.
>>> [  603.435907][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 127.0.0.1:23456. Sending cookies.
>>> [  603.569421][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 127.0.0.1:23456. Sending cookies.
>>> [  603.672454][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 127.0.0.1:23456. Sending cookies.
>>> [  603.821679][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 127.0.0.1:23456. Sending cookies.
>>> [  618.553975][T19316] ==================================================================
>>> [  618.554200][T19316] BUG: KASAN: slab-use-after-free in nfqnl_enqueue_packet+0x8f1/0x9e0 [nfnetlink_queue]
>>> [  618.554424][T19316] Write of size 1 at addr ff1100001cc9ae68 by task socat/19316
>>> [  618.554600][T19316] 
>>
>> Did not occur here during local testing :-(
>>
>> Should I send a v2 without the last two patches or will you pull and
>> discard the last two changes?
> 
> Alternatively you can also pull this:
> 
>   https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next.git tags/nf-next-26-01-29
> 
> Which is the same series but without the last two patches, i.e. up to
> e19079adcd26a25d7d3e586b1837493361fdf8b6:
> 
>   netfilter: nfnetlink_queue: optimize verdict lookup with hash table (2026-01-29 09:52:07 +0100)

Would you mind sending a formal v2 of the PR, so that the CI catches it
up and it's properly tracked in PW?

Thanks!

Paolo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ