The following patchset adds a check during the load of an u32 value into an u8 attribute which can cause an overflow.
Laura Garcia Liebana (5): netfilter: nf_tables: Check u32 load in u8 nft_bitwise attribute netfilter: nf_tables: Check u32 load in u8 nft_byteorder attribute netfilter: nf_tables: Check u32 load in u8 nft_cmp attribute netfilter: nf_tables: Check u32 load in u8 nft_immediate attribute netfilter: nf_tables: Check u32 load in u8 nft_nat attribute net/netfilter/nft_bitwise.c | 7 ++++++- net/netfilter/nft_byteorder.c | 13 +++++++++++-- net/netfilter/nft_cmp.c | 5 ++++- net/netfilter/nft_immediate.c | 3 +++ net/netfilter/nft_nat.c | 2 ++ 5 files changed, 26 insertions(+), 4 deletions(-) -- 2.8.1 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
