]> git.proxmox.com Git - mirror_ubuntu-jammy-kernel.git/commit
projects / mirror_ubuntu-jammy-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8744365) | patch
netfilter: nft_exthdr: check for IPv6 packet before further processing
authorPablo Neira Ayuso <pablo@netfilter.org>
Thu, 10 Jun 2021 18:20:30 +0000 (20:20 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Wed, 16 Jun 2021 18:51:50 +0000 (20:51 +0200)
commitcdd73cc545c0fb9b1a1f7b209f4f536e7990cff4
tree54f088ff4225a9734981d24578bc2c67d266e10btree
parent8744365e258459775bd9b49b705a82d66a21c2b4commit | diff
netfilter: nft_exthdr: check for IPv6 packet before further processing

ipv6_find_hdr() does not validate that this is an IPv6 packet. Add a
sanity check for calling ipv6_find_hdr() to make sure an IPv6 packet
is passed for parsing.

Fixes: 96518518cc41 ("netfilter: add nftables")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nft_exthdr.c diff | blob | blame | history
Ubuntu Jammy Linux kernel mirror