)]}'
{
  "commit": "cfa34288bca0e47eef0237d278e843081d254680",
  "tree": "b83fdb9ad86b6c78bda268cae681091d87ac47c1",
  "parents": [
    "04076b0f39faa152f48906f068f1e00ebebbc67a"
  ],
  "author": {
    "name": "Pablo Neira Ayuso",
    "email": "pablo@netfilter.org",
    "time": "Tue Aug 13 12:39:46 2024 +0200"
  },
  "committer": {
    "name": "Oleksandr Tymoshenko",
    "email": "ovt@google.com",
    "time": "Fri Sep 13 22:33:55 2024 +0000"
  },
  "message": "netfilter: flowtable: validate vlan header\n\n[ Upstream commit 6ea14ccb60c8ab829349979b22b58a941ec4a3ee ]\n\nEnsure there is sufficient room to access the protocol field of the\nVLAN header, validate it once before the flowtable lookup.\n\n\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\nBUG: KMSAN: uninit-value in nf_flow_offload_inet_hook+0x45a/0x5f0 net/netfilter/nf_flow_table_inet.c:32\n nf_flow_offload_inet_hook+0x45a/0x5f0 net/netfilter/nf_flow_table_inet.c:32\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\n nf_hook_ingress include/linux/netfilter_netdev.h:34 [inline]\n nf_ingress net/core/dev.c:5440 [inline]\n\nBUG\u003db/365947737\nTEST\u003dpresubmit\nRELEASE_NOTE\u003dFixes CVE-2024-44983 in the Linux kernel\n\ncos-patch: security-high\nFixes: 4cd91f7c290f (\"netfilter: flowtable: add vlan support\")\nReported-by: syzbot+8407d9bb88cd4c6bf61a@syzkaller.appspotmail.com\nChange-Id: I7c8f3807af0a9c43ddaa72c61d1259b6d53bf79e\nSigned-off-by: Pablo Neira Ayuso \u003cpablo@netfilter.org\u003e\nSigned-off-by: Sasha Levin \u003csashal@kernel.org\u003e\nSigned-off-by: Kernel CVE Triage Automation \u003ccloud-image-kernel-cve-triage-automation@prod.google.com\u003e\nReviewed-on: https://cos-review.googlesource.com/c/third_party/kernel/+/80820\nReviewed-by: Kevin Berry \u003ckpberry@google.com\u003e\nTested-by: Cusky Presubmit Bot \u003cpresubmit@cos-infra-prod.iam.gserviceaccount.com\u003e\nReviewed-by: Oleksandr Tymoshenko \u003covt@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "6eef15648b7b0853fb249288bf4545dca3a2cf85",
      "old_mode": 33188,
      "old_path": "net/netfilter/nf_flow_table_inet.c",
      "new_id": "b0f199171932414bdeddc2f7e33a5cd469cb10c5",
      "new_mode": 33188,
      "new_path": "net/netfilter/nf_flow_table_inet.c"
    },
    {
      "type": "modify",
      "old_id": "22bc0e3d8a0b5953373f6d42d44790bacfa96563",
      "old_mode": 33188,
      "old_path": "net/netfilter/nf_flow_table_ip.c",
      "new_id": "34be2c9bc39d838baed21608b184118a5291da32",
      "new_mode": 33188,
      "new_path": "net/netfilter/nf_flow_table_ip.c"
    }
  ]
}