Message ID | 20190221104243.7704-1-kai.heng.feng@canonical.com |
---|---|
Headers | show |
Series | Fix kernel panic in netfilter | expand |
On 2019-02-21 18:42:42 , Kai-Heng Feng wrote: > BugLink: https://bugs.launchpad.net/bugs/1811394 > > [Impact] > ipset-nuclear script [1] casues a kernel panic. > > [Fix] > "Fix wraparound bug which could lead to memory exhaustion when adding an > x.x.x.x-255.255.255.255 range to any hash:*net* types." > > [Test] > User feedbacked this patch solves the issue. > > [Regression Potential] > Low. It's also in upstream stable v4.14. > > [1] https://github.com/DevelopersPL/pkgbuild/blob/master/ipset-nuclear/ipset-nuclear > > Jozsef Kadlecsik (1): > netfilter: ipset: Fix wraparound in hash:*net* types > > net/netfilter/ipset/ip_set_hash_ipportnet.c | 26 +++++++-------- > net/netfilter/ipset/ip_set_hash_net.c | 9 +++-- > net/netfilter/ipset/ip_set_hash_netiface.c | 9 +++-- > net/netfilter/ipset/ip_set_hash_netnet.c | 28 ++++++++-------- > net/netfilter/ipset/ip_set_hash_netport.c | 19 ++++++----- > net/netfilter/ipset/ip_set_hash_netportnet.c | 35 ++++++++++---------- > 6 files changed, 63 insertions(+), 63 deletions(-) > > -- > 2.17.1 > > > -- > kernel-team mailing list > kernel-team@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/kernel-team