[SRU][F:linux-bluefield][PATCH v1 0/3] Fix nft_do_chain crash when doing DDOS attack

Bodong Wang bodong at nvidia.com
Tue Feb 7 19:35:35 UTC 2023


When doing a DDOS attack on port 22, there is a dereference of an uninitialized
pointer from nf_tables.

The patches addressed the uninitialized pointers.

v0->v1:
Add the upstream sha for 2nd patch

Pablo Neira Ayuso (3):
  netfilter: nf_tables: constify nft_reg_load{8, 16, 64}()
  netfilter: nft_set_bitmap: initialize set element extension in lookups
  netfilter: nf_tables: do not update stateful expressions if lookup is
    inverted

 include/net/netfilter/nf_tables.h |  8 ++++----
 net/netfilter/nft_lookup.c        | 12 +++++++-----
 net/netfilter/nft_set_bitmap.c    |  1 +
 3 files changed, 12 insertions(+), 9 deletions(-)

-- 
1.8.3.1



