-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEjF9xRqF1emXiQiqU1w0aZmrPKyEFAmodcTIACgkQ1w0aZmrP
KyGSnA/+Khp694VPEoIX1gS1ZXgdh86zNpi3IXDlYze8cedZbgsvt5Dfz/hpKd7s
gXwJsocxRPNjh4MYxZq/TVnpo5WcI+hmRVBtKRCiwjsBZ/ejL4cnyXu0suJ4qHOe
RQWF24jNu3U1A/qfCcpBA8plYH6SC8MjIarXemkxFd5AHlb4JRyfZgCjg0L2CLi9
nipV5TTpeP4dMlXCORPjOginFdXpwUgpxWZjJAnJ9SbI5a/qDwSrOT40UmxDMFTL
9RRLO8DzuRYdy56tGbu3pS3QaBDbC966IyJQi0X89nsMSJQt3ipG6jxxe0Kzc3Ma
ft+RsJKqrdcFdUQDhMY38Tm/Osj6L/yd4FJYCEkA9yx+nsoNh9IMoN7hXgqz9GHC
ujtyKI0hOJdsFyl3ZjssC/MYtEL/R9e7n4oKwdp8QSLkjUAXCQ+nPvbYky8qVG68
toTMi0B2TndmSIExR2kg9eGf5/n0oXEoRkgxQ9JXiDZiRBRLF8UgErIKpbL3SRF5
rZL/Vavq3uTEVI3PEHnbIg4d2/z574tvSguBtNRW93pyJIgnq2duoI55Lzpp7n51
pcREDPCKvkIDGdcWmX8eUNs+2eGw6EI1L1BsSoikUYrPTFO9H5tIV5V4CGlNsQoM
QvleKA8RwQAyVUd0C7dEDifKfbwEBACcw/Rz5uZLGHC2Z/9gHq0=
=+q/K
-----END PGP SIGNATURE-----
Merge tag 'nf-26-06-01' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf
Pablo Neira Ayuso says:
====================
Netfilter/IPVS fixes for net
The following patchset contains Netfilter/IPVS fixes for net:
1) Fix splat with PREEMPT_RCU because smp_processor_id() in nfqueue,
from Fernando Fernandez Mancera.
2) Fix possible use of pointer to old IPVS scheduler after RCU grace
period when editing service, from Julian Anastasov.
3) Fix possible forever RCU walk over rt->fib6_siblings in nft_fib6,
if rt is unlinked mid-iteration, apparently same issue happens in
the fib6 core. From Jiayuan Chen.
4) Add mutex to guard refcount in synproxy infrastructure, since
concurrent hook {un}registration can happen.
From Fernando Fernandez Mancera.
5) Bail out if IRC conntrack helper fails to parse a command, do not
try parsing using other command handlers, from Florian Westphal.
This fixes a possible out-of-bound read.
6) Possible use-after-free in nft_tunnel by releasing template dst
after all references has been dropped, from Tristan Madani.
7) Ignore conntrack template in nft_ct, from Jiayuan Chen.
8) Missing skb_ensure_writable() in ebt_snat, Yiming Qian.
9) Remove multi-register byteorder support, this allows for kernel
stack info leak, from Florian Westphal.
* tag 'nf-26-06-01' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf:
netfilter: nft_byteorder: remove multi-register support
netfilter: bridge: make ebt_snat ARP rewrite writable
netfilter: nft_ct: bail out on template ct in get eval
netfilter: nft_tunnel: fix use-after-free on object destroy
netfilter: conntrack_irc: fix possible out-of-bounds read
netfilter: synproxy: add mutex to guard hook reference counting
netfilter: nft_fib_ipv6: bail out of sibling walk if rt got unlinked
ipvs: clear the svc scheduler ptr early on edit
netfilter: xt_NFQUEUE: prefer raw_smp_processor_id
====================
Link: https://patch.msgid.link/20260601115923.433946-1-pablo@netfilter.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
9de5cbbe70