From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx> Date: Wed, 16 May 2012 20:41:51 +0200 (CEST) > Could at least the patch with the subject > > netfilter: ipset: fix hash size checking in kernel > > The hash size must fit both into u32 (jhash) and the max value of > size_t. The missing checking could lead to kernel crash, bug reported > by Seblu. > > be submitted into 3.4-rc7? Any non most-recent ipset package compiled with > gcc-4.7 or above can trigger the bug. And only root can trigger it if he gives bogus parameters right? If that's the case, the exposure is to privileged users committing an operator error, so I don't see it as so important. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
