This is a note to let you know that I've just added the patch titled netfilter: nft_payload: rebuild vlan header when needed to the 5.15-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: netfilter-nft_payload-rebuild-vlan-header-when-neede.patch and it can be found in the queue-5.15 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. commit 28983bb95aecb8c0f0a2498ad54cd548b637f5b6 Author: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> Date: Tue Jun 6 09:38:42 2023 +0200 netfilter: nft_payload: rebuild vlan header when needed [ Upstream commit de6843be3082d416eaf2a00b72dad95c784ca980 ] Skip rebuilding the vlan header when accessing destination and source mac address. Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> Stable-dep-of: 33c563ebf8d3 ("netfilter: nft_payload: skbuff vlan metadata mangle support") Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx> diff --git a/net/netfilter/nft_payload.c b/net/netfilter/nft_payload.c index e5f0d33a27e61..b1745304dbd22 100644 --- a/net/netfilter/nft_payload.c +++ b/net/netfilter/nft_payload.c @@ -127,7 +127,8 @@ void nft_payload_eval(const struct nft_expr *expr, if (!skb_mac_header_was_set(skb) || skb_mac_header_len(skb) == 0) goto err; - if (skb_vlan_tag_present(skb)) { + if (skb_vlan_tag_present(skb) && + priv->offset >= offsetof(struct ethhdr, h_proto)) { if (!nft_payload_copy_vlan(dest, skb, priv->offset, priv->len)) goto err;