From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Date: Thu, 1 Feb 2018 19:02:11 +0100
> The following patchset contains Netfilter fixes for your net tree,
> they are:
>
> 1) Fix OOM that syskaller triggers with ipt_replace.size = -1 and
> IPT_SO_SET_REPLACE socket option, from Dmitry Vyukov.
>
> 2) Check for too long extension name in xt_request_find_{match|target}
> that result in out-of-bound reads, from Eric Dumazet.
>
> 3) Fix memory exhaustion bug in ipset hash:*net* types when adding ranges
> that look like x.x.x.x-255.255.255.255, from Jozsef Kadlecsik.
>
> 4) Fix pointer leaks to userspace in x_tables, from Dmitry Vyukov.
>
> 5) Insufficient sanity checks in clusterip_tg_check(), also from Dmitry.
>
> You can pull these changes from:
>
> git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git
Pulled, thanks.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
