7aa03c3168a4509169658edd108437b2cbb8a082 - third_party/kernel

commit	7aa03c3168a4509169658edd108437b2cbb8a082	[log] [tgz]
author	Pablo Neira Ayuso <pablo@netfilter.org>	Fri Jun 16 15:22:18 2023 +0200
committer	Oleksandr Tymoshenko <ovt@google.com>	Wed May 01 17:46:15 2024 +0000
tree	ebe67932183bf7c0056f6364cf289c94b988bfa9
parent	53f7d4a0f81f857147ba14e116c3d14045de593c [diff]

netfilter: nf_tables: disallow timeout for anonymous sets

commit e26d3009efda338f19016df4175f354a9bd0a4ab upstream.

Never used from userspace, disallow these parameters.

BUG=b/333614753
TEST=presubmit
RELEASE_NOTE=Fixed CVE-2023-52620 in Linux kernel.

cos-patch: security-moderate
Change-Id: I3177966e4962385da8f9298455dc46c1f86771e9
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Reviewed-on: https://cos-review.googlesource.com/c/third_party/kernel/+/70972
Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
Reviewed-by: Anil Altinay <aaltinay@google.com>

net/netfilter/nf_tables_api.c[diff]

1 file changed

tree: ebe67932183bf7c0056f6364cf289c94b988bfa9