Skip to content
Commit b30669fd authored by Davide Ornaghi's avatar Davide Ornaghi Committed by Greg Kroah-Hartman
Browse files

netfilter: nft_inner: validate mandatory meta and payload 



[ Upstream commit c4ab9da8 ]

Check for mandatory netlink attributes in payload and meta expression
when used embedded from the inner expression, otherwise NULL pointer
dereference is possible from userspace.

Fixes: a150d122 ("netfilter: nft_meta: add inner match support")
Fixes: 3a07327d ("netfilter: nft_inner: support for inner tunnel header matching")
Signed-off-by: default avatarDavide Ornaghi <d.ornaghi97@gmail.com>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
parent 7ccca396
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment