Richard Guy Briggs <rgb@xxxxxxxxxx> wrote: > nft_commit_notify(net, NETLINK_CB(skb).portid); > nf_tables_gen_notify(net, skb, NFT_MSG_NEWGEN); > nf_tables_commit_release(net); > > + nf_tables_commit_audit_log(&adl, net->nft.base_seq); This meeds to be before nf_tables_commit_release() call, afaics this function dereferences data structures that might be free'd already here.
