]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 664ca79) | patch
netfilter: nf_tables: hold mutex on netns pre_exit path
authorPablo Neira Ayuso <pablo@netfilter.org>
Tue, 16 May 2023 14:44:35 +0000 (16:44 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Tue, 30 May 2023 11:44:08 +0000 (12:44 +0100)
commit7eebd990ab5d085c7f25ace48869e9cc31168074
treee9e29ba96ebd3a90815ac221b0dbf8f7cd1ea2d1tree | snapshot
parent664ca791b87dc73fe897d24a9236aaa671814aebcommit | diff
netfilter: nf_tables: hold mutex on netns pre_exit path

a669e8adb86a13fd522e3f4619d80500123fc268 ]

clean_net() runs in workqueue while walking over the lists, grab mutex.

Fixes: 815fac68e781 ("netfilter: nftables: fix possible UAF over chains from packet path in netns")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
net/netfilter/nf_tables_api.c diff | blob | history
Linux Kernel Source Tree.