NACK: [SRU][F:linux-bluefield][PATCH 0/3] Fix nft_do_chain crash when doing DDOS attack

Stefan Bader stefan.bader at canonical.com
Wed Feb 8 08:38:50 UTC 2023


On 07.02.23 00:24, Bodong Wang wrote:
> When doing a DDOS attack on port 22, there is a dereference of an uninitialized
> pointer from nf_tables.
> 
> The patches addressed the uninitialized pointers.
> 
> Pablo Neira Ayuso (3):
>    netfilter: nf_tables: constify nft_reg_load{8, 16, 64}()
>    netfilter: nft_set_bitmap: initialize set element extension in lookups
>    netfilter: nf_tables: do not update stateful expressions if lookup is
>      inverted
> 
>   include/net/netfilter/nf_tables.h |  8 ++++----
>   net/netfilter/nft_lookup.c        | 12 +++++++-----
>   net/netfilter/nft_set_bitmap.c    |  1 +
>   3 files changed, 12 insertions(+), 9 deletions(-)
> 
v2 labelled as v1 around...