)]}'
{
  "commit": "2212e86888e18d94ca4f0c03e85f2bb96d29348b",
  "tree": "3f748f0afa6773cca453fd2fb14ba8466eb728e0",
  "parents": [
    "2c45e3167f84ed443949389b86df675e6045440d"
  ],
  "author": {
    "name": "Pablo Neira Ayuso",
    "email": "pablo@netfilter.org",
    "time": "Thu Jul 20 09:17:21 2023 +0200"
  },
  "committer": {
    "name": "Oleksandr Tymoshenko",
    "email": "ovt@google.com",
    "time": "Wed Aug 09 03:40:43 2023 +0000"
  },
  "message": "netfilter: nf_tables: skip bound chain on rule flush\n\n[ Upstream commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8 ]\n\nSkip bound chain when flushing table rules, the rule that owns this\nchain releases these objects.\n\nOtherwise, the following warning is triggered:\n\n  WARNING: CPU: 2 PID: 1217 at net/netfilter/nf_tables_api.c:2013 nf_tables_chain_destroy+0x1f7/0x210 [nf_tables]\n  CPU: 2 PID: 1217 Comm: chain-flush Not tainted 6.1.39 #1\n  RIP: 0010:nf_tables_chain_destroy+0x1f7/0x210 [nf_tables]\n\nBUG\u003db/294892601\nTEST\u003dpresubmit\nRELEASE_NOTE\u003dFixed CVE-2023-3777 in the Linux kernel.\n\nFixes: d0e2c7de92c7 (\"netfilter: nf_tables: add NFT_CHAIN_BINDING\")\nReported-by: Kevin Rich \u003ckevinrich1337@gmail.com\u003e\nSigned-off-by: Pablo Neira Ayuso \u003cpablo@netfilter.org\u003e\nSigned-off-by: Florian Westphal \u003cfw@strlen.de\u003e\nSigned-off-by: Sasha Levin \u003csashal@kernel.org\u003e\nChange-Id: I31a31cc2a785e489b72574cbd6ca2ddb2b8e0281\nReviewed-on: https://cos-review.googlesource.com/c/third_party/kernel/+/54108\nTested-by: Cusky Presubmit Bot \u003cpresubmit@cos-infra-prod.iam.gserviceaccount.com\u003e\nReviewed-by: Arnav Kansal \u003crnv@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "661e9d64c7bd22cd15da4ddfb4c4044182c6fd59",
      "old_mode": 33188,
      "old_path": "net/netfilter/nf_tables_api.c",
      "new_id": "2c67bcaa3a5409be03ec21325494f23c81215235",
      "new_mode": 33188,
      "new_path": "net/netfilter/nf_tables_api.c"
    }
  ]
}