summaryrefslogtreecommitdiffstats
path: root/net/netfilter
AgeCommit message (Expand)AuthorLines
2026-03-26netfilter: ctnetlink: use netlink policy range checksDavid Carlier-18/+8
2026-03-26netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdpWeiming Shi-4/+10
2026-03-26netfilter: nf_conntrack_expect: skip expectations in other netns via procPablo Neira Ayuso-0/+4
2026-03-26netfilter: nf_conntrack_expect: store netns and zone in expectationPablo Neira Ayuso-3/+17
2026-03-26netfilter: ctnetlink: ensure safe access to master conntrackPablo Neira Ayuso-10/+30
2026-03-26netfilter: nf_conntrack_expect: use expect->helperPablo Neira Ayuso-21/+13
2026-03-26netfilter: nf_conntrack_expect: honor expectation helper fieldPablo Neira Ayuso-11/+28
2026-03-26netfilter: nft_set_rbtree: revisit array resize logicPablo Neira Ayuso-17/+75
2026-03-26netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOADWeiming Shi-6/+2
2026-03-25netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiryFlorian Westphal-10/+10
2026-03-19nfnetlink_osf: validate individual option lengths in fingerprintsWeiming Shi-0/+13
2026-03-19netfilter: nf_tables: release flowtable after rcu grace period on errorPablo Neira Ayuso-0/+1
2026-03-19netfilter: bpf: defer hook memory release until rcu readers are doneFlorian Westphal-1/+1
2026-03-13netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()Jenny Guanni Qu-0/+2
2026-03-13netfilter: xt_time: use unsigned int for monthday bit shiftJenny Guanni Qu-2/+2
2026-03-13netfilter: xt_CT: drop pending enqueued packets on template removalPablo Neira Ayuso-0/+4
2026-03-13netfilter: nft_ct: drop pending enqueued packets on removalPablo Neira Ayuso-0/+4
2026-03-13nf_tables: nft_dynset: fix possible stateful expression memleak in error pathPablo Neira Ayuso-3/+11
2026-03-13netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS caseJenny Guanni Qu-0/+2
2026-03-13netfilter: nf_flow_table_ip: reset mac header before vlan pushEric Woudstra-0/+1
2026-03-13netfilter: revert nft_set_rbtree: validate open interval overlapFlorian Westphal-78/+14
2026-03-13netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp()Lukas Johannes Möller-1/+5
2026-03-13netfilter: conntrack: add missing netlink policy validationsFlorian Westphal-2/+3
2026-03-13netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct()Hyunwoo Kim-1/+25
2026-03-10netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labelsYuan Tan-0/+6
2026-03-10netfilter: nfnetlink_cthelper: fix OOB read in nfnl_cthelper_dump_table()Hyunwoo Kim-4/+4
2026-03-10netfilter: nfnetlink_queue: fix entry leak in bridge verdict error pathHyunwoo Kim-1/+3
2026-03-10netfilter: x_tables: guard option walkers against 1-byte tail readsDavid Dull-4/+6
2026-03-10netfilter: nft_set_pipapo: fix stack out-of-bounds read in pipapo_drop()Jenny Guanni Qu-1/+2
2026-03-10netfilter: nf_tables: always walk all pending catchall elementsFlorian Westphal-2/+0
2026-03-10netfilter: nf_tables: Fix for duplicate device in netdev hooksPhil Sutter-2/+2
2026-03-05netfilter: nft_set_pipapo: split gc into unlink and reclaim phaseFlorian Westphal-13/+45
2026-03-05netfilter: nf_tables: clone set on flush onlyPablo Neira Ayuso-6/+24
2026-03-05netfilter: nf_tables: unconditionally bump set->nelems before insertionPablo Neira Ayuso-14/+16
2026-02-26Merge tag 'net-7.0-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/netd...Linus Torvalds-1/+1
2026-02-26netfilter: nf_conntrack_h323: fix OOB read in decode_choice()Vahagn Vardanian-1/+1
2026-02-22Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL usesKees Cook-3/+3
2026-02-21Convert more 'alloc_obj' cases to default GFP_KERNEL argumentsLinus Torvalds-6/+3
2026-02-21Convert 'alloc_flex' family to use the new default GFP_KERNEL argumentLinus Torvalds-3/+3
2026-02-21Convert 'alloc_obj' family to use the new default GFP_KERNEL argumentLinus Torvalds-47/+47
2026-02-21treewide: Replace kmalloc with kmalloc_obj for non-scalar typesKees Cook-118/+110
2026-02-17netfilter: nf_tables: fix use-after-free in nf_tables_addchain()Inseo An-0/+1
2026-02-17ipvs: do not keep dest_dst if dev is going downJulian Anastasov-10/+36
2026-02-17ipvs: skip ipv6 extension headers for csum checksJulian Anastasov-39/+20
2026-02-17netfilter: nf_conntrack_h323: don't pass uninitialised l3num valueFlorian Westphal-5/+5
2026-02-17netfilter: nf_tables: revert commit_mutex usage in reset pathBrian Witte-206/+42
2026-02-17netfilter: nft_quota: use atomic64_xchg for resetBrian Witte-6/+7
2026-02-17netfilter: nft_counter: serialize reset with spinlockBrian Witte-4/+16
2026-02-17netfilter: annotate NAT helper hook pointers with __rcuSun Jian-27/+29
2026-02-11Merge tag 'net-next-7.0' of git://git.kernel.org/pub/scm/linux/kernel/git/net...Linus Torvalds-404/+1123
generated by cgit v1.2.3 (git 2.46.0) at 2026-05-04 13:10:19 +0000