diff options
| author | Paolo Abeni <pabeni@redhat.com> | 2024-07-04 16:31:26 +0300 |
|---|---|---|
| committer | Paolo Abeni <pabeni@redhat.com> | 2024-07-04 16:31:27 +0300 |
| commit | e367197166a04ca605a6c3a053bbf8c3ef317a61 (patch) | |
| tree | 37e70948d519c39f965eaac99df78a1c25d9528d | |
| parent | 61cf1c739f08190a4cbf047b9fbb192a94d87e3f (diff) | |
| parent | 9f6958ba2e902f9820c594869bd710ba74b7c4c0 (diff) | |
| download | linux-e367197166a04ca605a6c3a053bbf8c3ef317a61.tar.xz | |
Merge tag 'nf-24-07-04' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf
Pablo Neira Ayuso says:
====================
Netfilter fixes for net
The following batch contains a oneliner patch to inconditionally flush
workqueue containing stale objects to be released, syzbot managed to
trigger UaF. Patch from Florian Westphal.
netfilter pull request 24-07-04
* tag 'nf-24-07-04' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf:
netfilter: nf_tables: unconditionally flush pending work before notifier
====================
Link: https://patch.msgid.link/20240703223304.1455-1-pablo@netfilter.org
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
| -rw-r--r-- | net/netfilter/nf_tables_api.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c index e8dcf41d360d..081c08536d0f 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c @@ -11483,8 +11483,7 @@ static int nft_rcv_nl_event(struct notifier_block *this, unsigned long event, gc_seq = nft_gc_seq_begin(nft_net); - if (!list_empty(&nf_tables_destroy_list)) - nf_tables_trans_destroy_flush_work(); + nf_tables_trans_destroy_flush_work(); again: list_for_each_entry(table, &nft_net->tables, list) { if (nft_table_has_owner(table) && |