On Mon, Jan 29, 2018 at 01:21:20PM +0100, Dmitry Vyukov wrote: > Several netfilter matches and targets put kernel pointers into > info objects, but don't set usersize in descriptors. > This leads to kernel pointer leaks if a match/target is set > and then read back to userspace. > > Properly set usersize for these matches/targets. > > Found with manual code inspection. Applied, thanks! I think this fixes: ec2318904965 xtables: extend matches and targets with .usersize So I'm going to add the Fixes: tag here, no problem. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html