bugzilla-daemon at netfilter.org
2019-Mar-07 02:06 UTC
[Bug 1325] New: Reproducible NULL ptr deref upon checking trivial nftables ruleset in Linux 5.0
https://bugzilla.netfilter.org/show_bug.cgi?id=1325 Bug ID: 1325 Summary: Reproducible NULL ptr deref upon checking trivial nftables ruleset in Linux 5.0 Product: nftables Version: unspecified Hardware: x86_64 OS: Gentoo Status: NEW Severity: normal Priority: P5 Component: kernel Assignee: pablo at netfilter.org Reporter: kfm at plushkava.net After upgrading one of my machines from 4.19.26 to 5.0, I encountered a crash during the boot process. This occurs at a point where nft(8) is invoked with the -c option, so as to test the validity of the previously saved ruleset. I was able to reduce the entire ruleset to just one rule, with the problem remaining fully reproducible. The offending ruleset, the resulting oops message and my kernel .config are duly attached. The affected machine is running Gentoo Linux. As such, the kernel sources include several minor patches above and beyond the kernel.org sources [1]. However, I have determined that these patches have no bearing on my ability to reproduce the issue. The kernel and userland have been compiled with gcc 8.2.0. Further, I am using nftables-0.9.0, which is linked to libnftnl-1.1.2 and libmnl-1.0.4. -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190307/dace8e25/attachment.html>
bugzilla-daemon at netfilter.org
2019-Mar-07 02:07 UTC
[Bug 1325] Reproducible NULL ptr deref upon checking trivial nftables ruleset in Linux 5.0
https://bugzilla.netfilter.org/show_bug.cgi?id=1325 --- Comment #1 from kfm at plushkava.net --- Created attachment 558 --> https://bugzilla.netfilter.org/attachment.cgi?id=558&action=edit nftables ruleset -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190307/6f1003eb/attachment.html>
bugzilla-daemon at netfilter.org
2019-Mar-07 02:08 UTC
[Bug 1325] Reproducible NULL ptr deref upon checking trivial nftables ruleset in Linux 5.0
https://bugzilla.netfilter.org/show_bug.cgi?id=1325 --- Comment #2 from kfm at plushkava.net --- Created attachment 559 --> https://bugzilla.netfilter.org/attachment.cgi?id=559&action=edit oops message/trace -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190307/eb24f7f6/attachment.html>
bugzilla-daemon at netfilter.org
2019-Mar-07 02:09 UTC
[Bug 1325] Reproducible NULL ptr deref upon checking trivial nftables ruleset in Linux 5.0
https://bugzilla.netfilter.org/show_bug.cgi?id=1325 --- Comment #3 from kfm at plushkava.net --- Created attachment 560 --> https://bugzilla.netfilter.org/attachment.cgi?id=560&action=edit kernel .config -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190307/09d1f250/attachment.html>
bugzilla-daemon at netfilter.org
2019-Mar-07 02:10 UTC
[Bug 1325] Reproducible NULL ptr deref upon checking trivial nftables ruleset in Linux 5.0
https://bugzilla.netfilter.org/show_bug.cgi?id=1325 --- Comment #4 from kfm at plushkava.net --- And here's the missing reference from the initial post ... [1] https://dev.gentoo.org/~mpagano/genpatches/trunk/5.0/ -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190307/a44d874f/attachment.html>
bugzilla-daemon at netfilter.org
2019-Mar-07 22:17 UTC
[Bug 1325] Reproducible NULL ptr deref upon checking trivial nftables ruleset in Linux 5.0
https://bugzilla.netfilter.org/show_bug.cgi?id=1325 --- Comment #5 from kfm at plushkava.net --- The issue is resolved by the patch that Florian recently posted:- https://www.spinics.net/lists/netfilter-devel/msg58466.html -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190307/c5dd682a/attachment.html>
bugzilla-daemon at netfilter.org
2020-Jul-29 21:56 UTC
[Bug 1325] Reproducible NULL ptr deref upon checking trivial nftables ruleset in Linux 5.0
https://bugzilla.netfilter.org/show_bug.cgi?id=1325 Pablo Neira Ayuso <pablo at netfilter.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #6 from Pablo Neira Ayuso <pablo at netfilter.org> --- Thanks for reporting. -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200729/79f66494/attachment-0001.html>
Maybe Matching Threads
- [Bug 1202] New: Cannot match on both dport and sport in one nftables rule
- [Bug 1444] New: nftables-0.9.6 crashes on some set notations:
- [Bug 1195] New: 'list ruleset' of 'nft -f' outputs garbage while 'nft list ruleset' seems to work.
- [Bug 1477] New: Unable to use saved ruleset when using dynamic sets
- [Bug 1706] New: Nft is slow when loading ruleset with lots of add element calls of different interval maps