diff options
author | Phil Sutter <phil@nwl.cc> | 2023-12-05 21:58:12 +0100 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2023-12-13 18:18:12 +0100 |
commit | 69431f609bf37311fbf90c507f8540f9ddf667c1 (patch) | |
tree | 0c7326bcc5ac33e4e89df739cc26f818aff2397a /scripts/extract-ikconfig | |
parent | c61c61d7e7de951d585db4809544f3cc876ef4a7 (diff) |
netfilter: xt_owner: Fix for unsafe access of sk->sk_socket
[ Upstream commit 7ae836a3d630e146b732fe8ef7d86b243748751f ]
A concurrently running sock_orphan() may NULL the sk_socket pointer in
between check and deref. Follow other users (like nft_meta.c for
instance) and acquire sk_callback_lock before dereferencing sk_socket.
Fixes: 0265ab44bacc ("[NETFILTER]: merge ipt_owner/ip6t_owner in xt_owner")
Reported-by: Jann Horn <jannh@google.com>
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'scripts/extract-ikconfig')
0 files changed, 0 insertions, 0 deletions