Merge tag 'nf-26-02-05' of https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Florian Westphal says:

====================
netfilter: update for net

This is one last-minute crash fix for nf_tables, from Andrew Fasano:

Logical check is inverted, this makes kernel fail to correctly undo
the transaction, leading to a use-after-free.

* tag 'nf-26-02-05' of https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf:
netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate()
====================

Link: https://patch.msgid.link/20260205074450.3187-1-fw@strlen.de
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

Jakub Kicinski 2 months ago d9eb3178 7d6ba706

+1 -1

1 changed file

expand all

net

netfilter

nf_tables_api.c

+1 -1

net/netfilter/nf_tables_api.c

··· 5914 5914 5915 5915 list_for_each_entry(catchall, &set->catchall_list, list) { 5916 5916 ext = nft_set_elem_ext(set, catchall->elem); 5917 - if (!nft_set_elem_active(ext, genmask)) 5917 + if (nft_set_elem_active(ext, genmask)) 5918 5918 continue; 5919 5919 5920 5920 nft_clear(ctx->net, ext);