In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: prevent nf_skb_duplicated corruption
syzbot found that nf_dup_ipv4() or nf_dup_ipv6() could write
per-cpu va
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: clone set on flush only
Syzbot with fault injection triggered a failing memory allocation with
GFP_KERNEL wh
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: reject duplicate device on updates
A chain/flowtable update with duplicated devices in the same batch is
pos
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: Fix for duplicate device in netdev hooks
When handling NETDEV_REGISTER notification, duplicate device
regist
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: don't fail inserts if duplicate has expired
nftables selftests fail:
run-tests.sh testcases/sets/0044interva
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: fix underflow in chain reference counter
Set element addition error path decrements reference counter on cha
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: initialize registers in nft_do_chain()
Initialize registers to avoid stack leak into userspace.
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_reject: don't leak dst refcount for loopback packets
recent patches to add a WARN() when replacing skb dst entry fou
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree()
Since commit b36e4523d4d5 ("netfilter: nf_con
In the Linux kernel, the following vulnerability has been resolved:
netfilter: conntrack: fix using __this_cpu_add in preemptible
Currently in nf_conntrack_hash_check_insert(), when it fails in
nf_c
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()
syzbot reported that nf_reject_ip6_tcphdr_put() was possibly sending
gar
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6()
I got a syzbot report without a repro [1] crashing in nf_send_r
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: avoid chain re-validation if possible
Hamza Mahfooz reports cpu soft lock-ups in
nft_chain_validate():
wat
In the Linux kernel, the following vulnerability has been resolved:
drm/msm: Fix pgtable prealloc error path
The following splat was reported:
Unable to handle kernel NULL pointer dereference a
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: use list_del_rcu for netlink hooks
nft_netdev_unregister_hooks and __nft_unregister_flowtable_net_hooks need
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_set_rbtree: fix overlap expiration walk
The lazy gc on insert that should remove timed-out entries fails to release
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_set_rbtree: fix null deref on element insertion
There is no guarantee that rb_prev() will not return NULL in nft_rb
In the Linux kernel, the following vulnerability has been resolved:
mISDN: Fix memory leak in dsp_pipeline_build()
dsp_pipeline_build() allocates dup pointer by kstrdup(cfg),
but then it updates dup
In the Linux kernel, the following vulnerability has been resolved:
net: microchip: vcap api: Fix possible memory leak for vcap_dup_rule()
Inject fault When select CONFIG_VCAP_KUNIT_TEST, the below
In the Linux kernel, the following vulnerability has been resolved:
xfrm: always flush state and policy upon NETDEV_UNREGISTER event
syzbot is reporting that "struct xfrm_state" refcount is leaking.
Page 1+ Next →