APPLIED: [SRU] [Bionic] [PATCH 0/1] Fix kernel panic in netfilter
Khaled Elmously
khalid.elmously at canonical.com
Mon Mar 4 01:58:00 UTC 2019
On 2019-02-21 18:42:42 , Kai-Heng Feng wrote:
> BugLink: https://bugs.launchpad.net/bugs/1811394
>
> [Impact]
> ipset-nuclear script [1] casues a kernel panic.
>
> [Fix]
> "Fix wraparound bug which could lead to memory exhaustion when adding an
> x.x.x.x-255.255.255.255 range to any hash:*net* types."
>
> [Test]
> User feedbacked this patch solves the issue.
>
> [Regression Potential]
> Low. It's also in upstream stable v4.14.
>
> [1] https://github.com/DevelopersPL/pkgbuild/blob/master/ipset-nuclear/ipset-nuclear
>
> Jozsef Kadlecsik (1):
> netfilter: ipset: Fix wraparound in hash:*net* types
>
> net/netfilter/ipset/ip_set_hash_ipportnet.c | 26 +++++++--------
> net/netfilter/ipset/ip_set_hash_net.c | 9 +++--
> net/netfilter/ipset/ip_set_hash_netiface.c | 9 +++--
> net/netfilter/ipset/ip_set_hash_netnet.c | 28 ++++++++--------
> net/netfilter/ipset/ip_set_hash_netport.c | 19 ++++++-----
> net/netfilter/ipset/ip_set_hash_netportnet.c | 35 ++++++++++----------
> 6 files changed, 63 insertions(+), 63 deletions(-)
>
> --
> 2.17.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list