Taehee Yoo <ap420073@xxxxxxxxx> wrote:
> If verdict is NF_STOLEN in the SYNPROXY target,
> the skb is consumed.
> However, ipt_do_table() always tries to get ip header from the skb.
> So that, KASAN triggers the use-after-free message.

In case anyone wonders, ip6tables doesn't have this problem because
we pass *skb, not ip6hdr to ip6_packet_match().

arptables has the same bug, it seems (no target returns STOLEN, but
I think we should fix it there as well).
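
A user-space model of the access pattern discussed in this thread, added here as an example (it is not kernel code and not the patch under discussion): a rule walk that refetches the header after every target call, next to one that refetches only while the verdict is CONTINUE. All names are hypothetical; `hdr_of()` stands in for the header fetch and counts a read of a consumed packet instead of touching freed memory.

```c
#include <stddef.h>
#include <stdio.h>

enum verdict { V_CONTINUE, V_ACCEPT, V_STOLEN };
struct pkt { unsigned char hdr[20]; int consumed; };
typedef enum verdict (*target_fn)(struct pkt *);

static int late_reads; /* header fetches made after the packet was consumed */

/* Hypothetical stand-in for the header fetch: counts the bad access
 * instead of dereferencing freed memory. */
static const unsigned char *hdr_of(const struct pkt *p)
{
    if (p->consumed) { late_reads++; return NULL; }
    return p->hdr;
}

static enum verdict t_continue(struct pkt *p) { (void)p; return V_CONTINUE; }
/* Models a target that takes ownership of the packet (STOLEN). */
static enum verdict t_stolen(struct pkt *p) { p->consumed = 1; return V_STOLEN; }

/* Walks the constructed rule list; refetch_always selects the reported pattern. */
static int walk(int refetch_always)
{
    struct pkt p = { {0x45}, 0 };                 /* constructed sample packet */
    const target_fn rules[] = { t_continue, t_stolen, t_continue };
    const unsigned char *h;

    late_reads = 0;
    h = hdr_of(&p);
    for (size_t i = 0; i < sizeof(rules) / sizeof(rules[0]); i++) {
        enum verdict v = rules[i](&p);
        if (refetch_always)
            h = hdr_of(&p);                       /* runs even when v == V_STOLEN */
        if (v != V_CONTINUE)
            break;                                /* packet is no longer ours */
        if (!refetch_always)
            h = hdr_of(&p);                       /* only while we still own it */
    }
    (void)h;
    return late_reads;
}

int main(void)
{
    printf("refetch after every target: %d late read(s)\n", walk(1));
    printf("refetch only on CONTINUE:   %d late read(s)\n", walk(0));
    return 0;
}
```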