]> git.itanic.dy.fi Git - linux-stable/commit
projects / linux-stable / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6236af6) | patch
netfilter: nf_tables: hold mutex on netns pre_exit path
authorPablo Neira Ayuso <pablo@netfilter.org>
Tue, 16 May 2023 14:44:35 +0000 (16:44 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Tue, 30 May 2023 11:44:08 +0000 (12:44 +0100)
commite0c1b35239d9bb98c3a356b930ca8f8eecef07ab
treee9e29ba96ebd3a90815ac221b0dbf8f7cd1ea2d1tree | snapshot
parent6236af6936dd1261ffe3e7aa3b6f55daf0301c4ccommit | diff
netfilter: nf_tables: hold mutex on netns pre_exit path

3923b1e4406680d57da7e873da77b1683035d83f ]

clean_net() runs in workqueue while walking over the lists, grab mutex.

Fixes: 767d1216bff8 ("netfilter: nftables: fix possible UAF over chains from packet path in netns")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
net/netfilter/nf_tables_api.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.