superrob1500
/
mirror-linux
mirror of https://github.com/torvalds/linux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
mirror-linux/net
History
Yiqi Sun fde29fd934 ipv4: icmp: fix null-ptr-deref in icmp_build_probe() 
ipv6_stub->ipv6_dev_find() may return ERR_PTR(-EAFNOSUPPORT) when the
IPv6 stack is not active (CONFIG_IPV6=m and not loaded), and passing
this error pointer to dev_hold() will cause a kernel crash with
null-ptr-deref.

Instead, silently discard the request. RFC 8335 does not appear to
define a specific response for the case where an IPv6 interface
identifier is syntactically valid but the implementation cannot perform
the lookup at runtime, and silently dropping the request may safer than
misreporting "No Such Interface".

Fixes: d329ea5bd8 ("icmp: add response to RFC 8335 PROBE messages")
Signed-off-by: Yiqi Sun <sunyiqixm@gmail.com>
Link: https://patch.msgid.link/20260402070419.2291578-1-sunyiqixm@gmail.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
 		2026-04-03 15:46:17 -07:00
..
6lowpan
9p Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
802 Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
8021q Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
appletalk Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
atm atm: lec: fix use-after-free in sock_def_readable() 2026-03-14 08:05:47 -07:00
ax25 Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
batman-adv Here is a batman-adv bugfix: 2026-03-18 17:41:00 -07:00
bluetooth Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync 2026-04-01 16:48:28 -04:00
bpf Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
bridge bridge: guard local VLAN-0 FDB helpers against NULL vlan group 2026-04-03 14:45:51 -07:00
caif Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
can can: isotp: fix tx.buf use-after-free in isotp_sendmsg() 2026-03-19 17:16:02 +01:00
ceph libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply() 2026-03-11 10:18:56 +01:00
core rtnetlink: add missing netlink_ns_capable() check for peer netns 2026-04-03 15:07:18 -07:00
dcb Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
devlink Convert 'alloc_flex' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
dns_resolver net/dns_resolver: use credential guards in dns_query() 2025-11-04 12:36:51 +01:00
dsa Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
ethernet bonding: prevent potential infinite loop in bond_header_parse() 2026-03-16 19:29:45 -07:00
ethtool Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
handshake treewide: Replace kmalloc with kmalloc_obj for non-scalar types 2026-02-21 01:02:28 -08:00
hsr net: hsr: fix VLAN add unwind on slave errors 2026-04-02 08:23:49 -07:00
ieee802154 Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
ife
ipv4 ipv4: icmp: fix null-ptr-deref in icmp_build_probe() 2026-04-03 15:46:17 -07:00
ipv6 ipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data() 2026-04-03 14:44:43 -07:00
iucv Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
kcm kcm: fix zero-frag skb in frag_list on partial sendmsg error 2026-02-23 17:26:55 -08:00
key ipsec-2026-03-23 2026-03-24 15:16:28 +01:00
l2tp Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
l3mdev
lapb treewide: Replace kmalloc with kmalloc_obj for non-scalar types 2026-02-21 01:02:28 -08:00
llc treewide: Replace kmalloc with kmalloc_obj for non-scalar types 2026-02-21 01:02:28 -08:00
mac80211 wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure 2026-03-18 09:09:58 +01:00
mac802154 bonding: prevent potential infinite loop in bond_header_parse() 2026-03-16 19:29:45 -07:00
mctp mctp: route: hold key->lock in mctp_flow_prepare_output() 2026-03-10 11:38:36 +01:00
mpls mpls: add seqcount to protect the platform_label{,s} pair 2026-03-26 18:32:14 -07:00
mptcp mptcp: fix soft lockup in mptcp_recvmsg() 2026-03-31 18:58:37 -07:00
ncsi net: ncsi: fix skb leak in error paths 2026-03-06 17:34:48 -08:00
netfilter netfilter: nf_tables: reject immediate NF_QUEUE verdict 2026-04-01 11:55:30 +02:00
netlabel Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
netlink Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
netrom Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
nfc nfc: nci: fix circular locking dependency in nci_close_device 2026-03-19 16:56:18 -07:00
nsh
openvswitch openvswitch: validate MPLS set/set_masked payload length 2026-03-20 18:37:31 -07:00
packet net: fix fanout UAF in packet_release() via NETDEV_UP race 2026-03-23 17:07:19 -07:00
phonet bonding: prevent potential infinite loop in bond_header_parse() 2026-03-16 19:29:45 -07:00
psample treewide: Replace kmalloc with kmalloc_obj for non-scalar types 2026-02-21 01:02:28 -08:00
psp Including fixes from IPsec, Bluetooth and netfilter 2026-02-26 08:00:13 -08:00
qrtr net: qrtr: replace qrtr_tx_flow radix_tree with xarray to fix memory leak 2026-03-26 20:22:38 -07:00
rds rds: ib: reject FRMR registration before IB connection is established 2026-04-01 17:52:40 -07:00
rfkill Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
rose net/rose: fix NULL pointer dereference in rose_transmit_link on reconnect 2026-03-12 19:23:59 -07:00
rxrpc rxrpc, afs: Fix missing error pointer check after rxrpc_kernel_lookup_peer() 2026-03-06 17:49:52 -08:00
sched net: sched: act_csum: validate nested VLAN headers 2026-04-03 14:34:56 -07:00
sctp Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
shaper net: shaper: protect from late creation of hierarchy 2026-03-19 13:47:15 +01:00
smc net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer 2026-03-20 18:59:30 -07:00
strparser Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2025-11-13 12:35:38 -08:00
sunrpc nfsd-7.0 fixes: 2026-03-18 14:27:11 -07:00
switchdev treewide: Replace kmalloc with kmalloc_obj for non-scalar types 2026-02-21 01:02:28 -08:00
tipc tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG 2026-04-03 15:31:17 -07:00
tls tls: Purge async_hold in tls_decrypt_async_wait() 2026-03-26 09:55:53 +01:00
unix af_unix: Give up GC if MSG_PEEK intervened. 2026-03-12 13:37:18 -07:00
vmw_vsock vsock: initialize child_ns_mode_locked in vsock_net_init() 2026-04-02 08:18:56 -07:00
wireless wifi: cfg80211: cancel pmsr_free_wk in cfg80211_pmsr_wdev_down 2026-03-06 12:41:59 +01:00
x25 net/x25: Fix overflow when accumulating packets 2026-04-02 13:36:08 +02:00
xdp xsk: Fix zero-copy AF_XDP fragment drop 2026-02-28 08:55:11 -08:00
xfrm ipsec-2026-03-23 2026-03-24 15:16:28 +01:00
Kconfig net: Kconfig: discourage drop_monitor enablement 2025-10-17 16:29:26 -07:00
Kconfig.debug
Makefile psp: base PSP device support 2025-09-18 12:32:06 +02:00
compat.c socket: Unify getsockname and getpeername implementation 2025-11-26 13:45:23 -07:00
devres.c
socket.c net: Drop the lock in skb_may_tx_timestamp() 2026-02-24 11:27:29 +01:00
sysctl_net.c