git.baikalelectronics.ru Git - kernel.git/commit

]> git.baikalelectronics.ru Git - kernel.git/commit

author	Taehee Yoo <ap420073@gmail.com>
	Mon, 29 Apr 2019 16:55:54 +0000 (01:55 +0900)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Tue, 30 Apr 2019 11:56:19 +0000 (13:56 +0200)
commit	a45ca35f859e908a34e75e689695cb002377f4c5
tree	8bfaf82f1fc93007863fb85b1ae2146600357497	tree \| snapshot
parent	935af871cffb36599801fae6000e8d6cb626abb3	commit \| diff

netfilter: nf_flow_table: check ttl value in flow offload data path

nf_flow_offload_ip_hook() and nf_flow_offload_ipv6_hook() do not check
ttl value. So, ttl value overflow may occur.

Fixes: 113a0756270f ("netfilter: flow table support for IPv4")
Fixes: 6ef0505a5afd ("netfilter: flow table support for IPv6")
Signed-off-by: Taehee Yoo <ap420073@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

net/netfilter/nf_flow_table_ip.c

diff | blob | history

Linux Kernel Source Tree.

RSS Atom