summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)Author
2026-04-18netfilter: nft_ct: fix use-after-free in timeout object destroyTuan Do
2026-04-18netfilter: nft_set_pipapo: do not rely on ZERO_SIZE_PTRFlorian Westphal
2026-04-11netfilter: ipset: drop logically empty buckets in mtype_delYifan Wu
2026-04-11netfilter: nf_tables: reject immediate NF_QUEUE verdictPablo Neira Ayuso
2026-04-11netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for N...Pablo Neira Ayuso
2026-04-11netfilter: ctnetlink: ignore explicit helper on new expectationsPablo Neira Ayuso
2026-04-11netfilter: nf_conntrack_expect: store netns and zone in expectationPablo Neira Ayuso
2026-04-11netfilter: nf_conntrack_expect: use expect->helperPablo Neira Ayuso
2026-04-11netfilter: nf_conntrack_expect: honor expectation helper fieldPablo Neira Ayuso
2026-04-11netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absentQi Tang
2026-04-11netfilter: nf_conntrack_helper: pass helper to expect cleanupQi Tang
2026-04-11netfilter: ipset: use nla_strcmp for IPSET_ATTR_NAME attrFlorian Westphal
2026-04-11netfilter: x_tables: ensure names are nul-terminatedFlorian Westphal
2026-04-11netfilter: nfnetlink_log: account for netlink header sizeFlorian Westphal
2026-04-11netfilter: flowtable: strictly check for maximum number of actionsPablo Neira Ayuso
2026-04-11netfilter: ctnetlink: use netlink policy range checksDavid Carlier
2026-04-11netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdpWeiming Shi
2026-04-11netfilter: nf_conntrack_expect: skip expectations in other netns via procPablo Neira Ayuso
2026-04-11netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOADWeiming Shi
2026-03-25netfilter: nft_set_pipapo: prevent overflow in lookup table allocationPablo Neira Ayuso
2026-03-25netfilter: nf_tables: missing objects with no memcg accountingPablo Neira Ayuso
2026-03-25netfilter: nft_set_pipapo: split gc into unlink and reclaim phaseFlorian Westphal
2026-03-25netfilter: nf_tables: de-constify set commit ops function argumentFlorian Westphal
2026-03-25nfnetlink_osf: validate individual option lengths in fingerprintsWeiming Shi
2026-03-25netfilter: nf_tables: release flowtable after rcu grace period on errorPablo Neira Ayuso
2026-03-25netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()Jenny Guanni Qu
2026-03-25netfilter: xt_time: use unsigned int for monthday bit shiftJenny Guanni Qu
2026-03-25netfilter: xt_CT: drop pending enqueued packets on template removalPablo Neira Ayuso
2026-03-25netfilter: nft_ct: drop pending enqueued packets on removalPablo Neira Ayuso
2026-03-25netfilter: nft_ct: add seqadj extension for natted connectionsAndrii Melnychenko
2026-03-25netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS caseJenny Guanni Qu
2026-03-25netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp()Lukas Johannes Möller
2026-03-25netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct()Hyunwoo Kim
2026-03-25netfilter: ctnetlink: remove refcounting in expectation dumpersFlorian Westphal
2026-03-25netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labelsYuan Tan
2026-03-25netfilter: nfnetlink_cthelper: fix OOB read in nfnl_cthelper_dump_table()Hyunwoo Kim
2026-03-25netfilter: nfnetlink_queue: fix entry leak in bridge verdict error pathHyunwoo Kim
2026-03-25netfilter: x_tables: guard option walkers against 1-byte tail readsDavid Dull
2026-03-25netfilter: nft_set_pipapo: fix stack out-of-bounds read in pipapo_drop()Jenny Guanni Qu
2026-03-04netfilter: nf_conntrack_h323: fix OOB read in decode_choice()Vahagn Vardanian
2026-03-04netfilter: xt_tcpmss: check remaining length before reading optlenFlorian Westphal
2026-03-04netfilter: nf_conntrack: Add allow_clash to generic protocol handlerYuto Hamaguchi
2026-03-04netfilter: nf_tables: fix use-after-free in nf_tables_addchain()Inseo An
2026-03-04netfilter: nf_conntrack_h323: don't pass uninitialised l3num valueFlorian Westphal
2026-03-04netfilter: nft_set_rbtree: check for partial overlaps in anonymous setsPablo Neira Ayuso
2026-03-04netfilter: nft_counter: fix reset of counters on 32bit archsAnders Grahn
2026-03-04netfilter: nft_set_hash: fix get operation on big endianFlorian Westphal
2026-03-04netfilter: nf_conncount: fix tracking of connections from localhostFernando Fernandez Mancera
2026-03-04netfilter: nft_compat: add more restrictions on netlink attributesFlorian Westphal
2026-03-04netfilter: nf_conncount: increase the connection clean up limit to 64Fernando Fernandez Mancera
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-24 08:22:47 +0000