)]}'
{
  "commit": "f5fc1643a8415b46cd47e1b34de54712ee2885bc",
  "tree": "9bf17ded649c3bd85691215732447f55d36a3aba",
  "parents": [
    "ea0514afb6a2fdd037c6cd84228adab1a3880243"
  ],
  "author": {
    "name": "Florian Westphal",
    "email": "fw@strlen.de",
    "time": "Fri Sep 22 18:43:13 2023 +0200"
  },
  "committer": {
    "name": "Oleksandr Tymoshenko",
    "email": "ovt@google.com",
    "time": "Wed Oct 11 05:31:13 2023 +0000"
  },
  "message": "netfilter: nf_tables: fix memleak when more than 255 elements expired\n\ncommit cf5000a7787cbc10341091d37245a42c119d26c5 upstream.\n\nWhen more than 255 elements expired we\u0027re supposed to switch to a new gc\ncontainer structure.\n\nThis never happens: u8 type will wrap before reaching the boundary\nand nft_trans_gc_space() always returns true.\n\nThis means we recycle the initial gc container structure and\nlose track of the elements that came before.\n\nWhile at it, don\u0027t deref \u0027gc\u0027 after we\u0027ve passed it to call_rcu.\n\nFixes: 5f68718b34a5 (\"netfilter: nf_tables: GC transaction API to avoid race with control plane\")\nReported-by: Pablo Neira Ayuso \u003cpablo@netfilter.org\u003e\nSigned-off-by: Florian Westphal \u003cfw@strlen.de\u003e\nSigned-off-by: Pablo Neira Ayuso \u003cpablo@netfilter.org\u003e\nSigned-off-by: Sasha Levin \u003csashal@kernel.org\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "d543078c43f95ed761c76320f845a587dad44726",
      "old_mode": 33188,
      "old_path": "include/net/netfilter/nf_tables.h",
      "new_id": "098e829fd762f259d639915410a7801283ebed5b",
      "new_mode": 33188,
      "new_path": "include/net/netfilter/nf_tables.h"
    },
    {
      "type": "modify",
      "old_id": "f17036341b8fe2f39c94316ee7fb200090cd9a4f",
      "old_mode": 33188,
      "old_path": "net/netfilter/nf_tables_api.c",
      "new_id": "ba478d237785bc87a0e0994f6cc6916912244535",
      "new_mode": 33188,
      "new_path": "net/netfilter/nf_tables_api.c"
    }
  ]
}