)]}'
{
  "commit": "274b1e779114c4e58a62fee4f839d1a4dbf719e1",
  "tree": "03181b05c182bc7693b7bfae179ffa4824e59395",
  "parents": [
    "47d02fbe860d9b0cbcd6c4d0c92fb3f90bace5ab"
  ],
  "author": {
    "name": "Pablo Neira Ayuso",
    "email": "pablo@netfilter.org",
    "time": "Fri Mar 01 00:11:10 2024 +0100"
  },
  "committer": {
    "name": "Anil Altinay",
    "email": "aaltinay@google.com",
    "time": "Sun Apr 14 02:59:27 2024 +0000"
  },
  "message": "netfilter: nf_tables: disallow anonymous set with timeout flag\n\ncommit 16603605b667b70da974bea8216c93e7db043bf1 upstream.\n\nAnonymous sets are never used with timeout from userspace, reject this.\nException to this rule is NFT_SET_EVAL to ensure legacy meters still work.\n\nCc: stable@vger.kernel.org\nFixes: 761da2935d6e (\"netfilter: nf_tables: add set timeout API support\")\nReported-by: lonial con \u003ckongln9170@gmail.com\u003e\nSigned-off-by: Pablo Neira Ayuso \u003cpablo@netfilter.org\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n\nBUG\u003db/333551758\nTEST\u003dpresubmit\nRELEASE_NOTE\u003dFixed CVE-2024-26642 in the Linux kernel.\n\ncos-patch: security-moderate\nChange-Id: Idb03fa83a4c96bf91451b1abff61381140687ceb\nReviewed-on: https://cos-review.googlesource.com/c/third_party/kernel/+/69151\nTested-by: Cusky Presubmit Bot \u003cpresubmit@cos-infra-prod.iam.gserviceaccount.com\u003e\nReviewed-by: Oleksandr Tymoshenko \u003covt@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "4f2ded6c0d367b48e8812cc8110cbd6558f732c1",
      "old_mode": 33188,
      "old_path": "net/netfilter/nf_tables_api.c",
      "new_id": "a83bb841f1e3ad0e868920ac67cc9f07a3a98653",
      "new_mode": 33188,
      "new_path": "net/netfilter/nf_tables_api.c"
    }
  ]
}