On Sat, Jan 11, 2020 at 11:19:53PM +0100, Florian Westphal wrote:
> An earlier commit (1b789577f655060d98d20e,
> "netfilter: arp_tables: init netns pointer in xt_tgchk_param struct")
> fixed missing net initialization for arptables, but turns out it was
> incomplete. We can get a very similar struct net NULL deref during
> error unwinding:
>
> general protection fault: 0000 [#1] PREEMPT SMP KASAN
> RIP: 0010:xt_rateest_put+0xa1/0x440 net/netfilter/xt_RATEEST.c:77
> xt_rateest_tg_destroy+0x72/0xa0 net/netfilter/xt_RATEEST.c:175
> cleanup_entry net/ipv4/netfilter/arp_tables.c:509 [inline]
> translate_table+0x11f4/0x1d80 net/ipv4/netfilter/arp_tables.c:587
> do_replace net/ipv4/netfilter/arp_tables.c:981 [inline]
> do_arpt_set_ctl+0x317/0x650 net/ipv4/netfilter/arp_tables.c:1461
>
> Also init the netns pointer in xt_tgdtor_param struct.

Applied.