redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/net
History
Kadlecsik József 8ce07d95d6 netfilter: ipset: fix suspicious RCU usage in find_set_and_id 
commit 5038517119 upstream.

find_set_and_id() is called when the NFNL_SUBSYS_IPSET mutex is held.
However, in the error path there can be a follow-up recvmsg() without
the mutex held. Use the start() function of struct netlink_dump_control
instead of dump() to verify and report if the specified set does not
exist.

Thanks to Pablo Neira Ayuso for helping me to understand the subleties
of the netlink protocol.

Reported-by: syzbot+fc69d7cb21258ab4ae4d@syzkaller.appspotmail.com
Signed-off-by: Jozsef Kadlecsik <kadlec@netfilter.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2020-02-11 04:35:07 -08:00
..
6lowpan 6lowpan: no need to check return value of debugfs_create functions 2019-07-06 12:50:01 +02:00
9p 9p pull request for inclusion in 5.4 2019-09-27 15:10:34 -07:00
802 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
8021q vlan: vlan_changelink() should propagate errors 2020-01-12 12:21:50 +01:00
appletalk appletalk: enforce CAP_NET_RAW for raw sockets 2019-09-24 16:37:18 +02:00
atm net: atm: Reduce the severity of logging in unlink_clip_vcc 2019-11-18 17:08:20 -08:00
ax25 ax25: enforce CAP_NET_RAW for raw sockets 2019-09-24 16:37:18 +02:00
batman-adv batman-adv: Fix DAT candidate selection on little endian systems 2020-01-23 08:22:49 +01:00
bluetooth Bluetooth: Fix race condition in hci_release_sock() 2020-02-05 21:22:42 +00:00
bpf bpf/flow_dissector: support flags in BPF_PROG_TEST_RUN 2019-07-25 18:00:41 -07:00
bpfilter Kbuild updates for v5.3 2019-07-12 16:03:16 -07:00
bridge net: add bool confirm_neigh parameter for dst_ops.update_pmtu 2020-01-04 19:18:58 +01:00
caif net: use skb_queue_empty_lockless() in poll() handlers 2019-10-28 13:33:41 -07:00
can can: j1939: j1939_sk_bind(): take priv after lock is held 2019-12-31 16:45:56 +01:00
ceph libceph: use ceph_kvmalloc() for osdmap arrays 2019-09-16 12:06:25 +02:00
core flow_dissector: Fix to use new variables for port ranges in bpf hook 2020-02-05 21:22:52 +00:00
dcb treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 201 2019-05-30 11:29:52 -07:00
dccp net: ipv6: add net argument to ip6_dst_lookup_flow 2019-12-18 16:08:40 +01:00
decnet net: add bool confirm_neigh parameter for dst_ops.update_pmtu 2020-01-04 19:18:58 +01:00
dns_resolver Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs" 2019-07-10 18:43:43 -07:00
dsa net: dsa: tag_gswip: fix typo in tagger name 2020-01-23 08:22:52 +01:00
ethernet net: add annotations on hh->hh_len lockless accesses 2020-01-09 10:20:06 +01:00
hsr net: hsr: fix possible NULL deref in hsr_handle_frame() 2020-02-11 04:35:04 -08:00
ieee802154 net: core: add generic lockdep keys 2019-10-24 14:53:48 -07:00
ife net: Fix Kconfig indentation 2019-09-26 08:56:17 +02:00
ipv4 tcp: clear tp->segs_{in|out} in tcp_disconnect() 2020-02-11 04:35:06 -08:00
ipv6 vti[6]: fix packet tx through bpf_redirect() 2020-02-05 21:22:48 +00:00
iucv net/af_iucv: mark expected switch fall-throughs 2019-07-29 10:26:14 -07:00
kcm kcm: disable preemption in kcm_parse_func_strparser() 2019-09-27 10:27:14 +02:00
key Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-07-08 19:48:57 -07:00
l2tp l2tp: Allow duplicate session creation with UDP 2020-02-11 04:35:04 -08:00
l3mdev ipv6: convert major tx path to use RT6_LOOKUP_F_DST_NOREF 2019-06-23 13:24:17 -07:00
lapb Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-17 20:20:36 -07:00
llc llc2: Fix return statement of llc_stat_ev_rx_null_dsap_xid_c (and _test_c) 2020-01-12 12:21:45 +01:00
mac80211 mac80211: Fix TKIP replay protection immediately after key setup 2020-02-05 21:22:46 +00:00
mac802154 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
mpls net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup 2019-12-18 16:08:42 +01:00
ncsi net/ncsi: Disable global multicast filter 2019-09-19 18:04:40 -07:00
netfilter netfilter: ipset: fix suspicious RCU usage in find_set_and_id 2020-02-11 04:35:07 -08:00
netlabel netlabel: remove redundant assignment to pointer iter 2019-09-01 11:45:02 -07:00
netlink net: remove empty netlink_tap_exit_net 2019-06-14 19:50:33 -07:00
netrom net: core: add generic lockdep keys 2019-10-24 14:53:48 -07:00
nfc net: nfc: nci: fix a possible sleep-in-atomic-context bug in nci_uart_tty_receive() 2019-12-31 16:41:23 +01:00
nsh treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
openvswitch net: openvswitch: don't unlock mutex when changing the user_features fails 2020-01-26 10:01:05 +01:00
packet packet: fix data-race in fanout_flow_is_huge() 2020-01-26 10:01:06 +01:00
phonet net: use skb_queue_empty_lockless() in poll() handlers 2019-10-28 13:33:41 -07:00
psample net: psample: fix skb_over_panic 2019-12-04 22:30:54 +01:00
qrtr net: qrtr: Stop rx_worker before freeing node 2019-09-21 18:45:46 -07:00
rds rds: ib: update WR sizes when bringing up connection 2019-11-16 12:59:08 -08:00
rfkill rfkill: Fix incorrect check to avoid NULL pointer dereference 2020-01-12 12:21:33 +01:00
rose net: core: add generic lockdep keys 2019-10-24 14:53:48 -07:00
rxrpc rxrpc: Fix NULL pointer deref due to call->conn being cleared on disconnect 2020-02-11 04:35:05 -08:00
sched net_sched: fix an OOB access in cls_tcindex 2020-02-11 04:35:04 -08:00
sctp sctp: free cmd->obj.chunk for the unprocessed SCTP_CMD_REPLY 2020-01-12 12:21:48 +01:00
smc net/smc: add fallback check to connect() 2020-01-04 19:18:37 +01:00
strparser Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-22 08:59:24 -04:00
sunrpc SUNRPC: Fix another issue with MIC buffer space 2020-01-26 10:01:07 +01:00
switchdev treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
tipc tipc: fix wrong timeout input for tipc_wait_for_cond() 2020-01-26 10:01:00 +01:00
tls net/tls: fix async operation 2020-01-29 16:45:28 +01:00
unix af_unix: add compat_ioctl support 2020-01-17 19:48:52 +01:00
vmw_vsock vsock/virtio: fix sock refcnt holding during the shutdown 2019-11-08 12:17:50 -08:00
wimax wimax: no need to check return value of debugfs_create functions 2019-08-10 15:25:47 -07:00
wireless wireless: wext: avoid gcc -O3 warning 2020-02-05 21:22:47 +00:00
x25 net/x25: fix nonblocking connect 2020-01-29 16:45:33 +01:00
xdp xsk: Add rcu_read_lock around the XSK wakeup 2020-01-12 12:21:41 +01:00
xfrm xfrm: interface: do not confirm neighbor when do pmtu update 2020-02-05 21:22:48 +00:00
Kconfig devlink: Add packet trap infrastructure 2019-08-17 12:40:08 -07:00
Makefile
compat.c uio: make import_iovec()/compat_import_iovec() return bytes on success 2019-05-31 15:30:03 -06:00
socket.c compat_ioctl: handle SIOCOUTQNSD 2020-01-17 19:48:52 +01:00
sysctl_net.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00