linux-toradex.git - Linux kernel for Apalis, Colibri and Verdin modules

diff options

author	Phil Sutter <phil@nwl.cc>	2023-12-05 21:58:12 +0100
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2023-12-13 18:18:12 +0100
commit	69431f609bf37311fbf90c507f8540f9ddf667c1 (patch)
tree	0c7326bcc5ac33e4e89df739cc26f818aff2397a /net/ipv4/tcp_input.c
parent	c61c61d7e7de951d585db4809544f3cc876ef4a7 (diff)

netfilter: xt_owner: Fix for unsafe access of sk->sk_socket

[ Upstream commit 7ae836a3d630e146b732fe8ef7d86b243748751f ] A concurrently running sock_orphan() may NULL the sk_socket pointer in between check and deref. Follow other users (like nft_meta.c for instance) and acquire sk_callback_lock before dereferencing sk_socket. Fixes: 0265ab44bacc ("[NETFILTER]: merge ipt_owner/ip6t_owner in xt_owner") Reported-by: Jann Horn <jannh@google.com> Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Sasha Levin <sashal@kernel.org>

Diffstat (limited to 'net/ipv4/tcp_input.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: