Kuniyuki Iwashima <kuniyu@xxxxxxxxxx> wrote:
> We had a report that iptables-restore sometimes triggered null-ptr-deref
> at boot time.
>
> The problem is that iptable_nat_table_init() is exposed to user space too
> early and accesses net->gen->ptr[iptable_nat_net_ops.id] before allocated.

Right, the other xtables don't have a pernet id, but nat needs this
because of the nf_nat_core -> iptable_nat dependency.

Reviewed-by: Florian Westphal <fw@xxxxxxxxx>