bugzilla-daemon at netfilter.org
2019-Mar-07 02:06 UTC
[Bug 1325] New: Reproducible NULL ptr deref upon checking trivial nftables ruleset in Linux 5.0
https://bugzilla.netfilter.org/show_bug.cgi?id=1325
Bug ID: 1325
Summary: Reproducible NULL ptr deref upon checking trivial
nftables ruleset in Linux 5.0
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Gentoo
Status: NEW
Severity: normal
Priority: P5
Component: kernel
Assignee: pablo at netfilter.org
Reporter: kfm at plushkava.net
After upgrading one of my machines from 4.19.26 to 5.0, I encountered a crash
during the boot process. This occurs at a point where nft(8) is invoked with
the -c option, so as to test the validity of the previously saved ruleset. I
was able to reduce the entire ruleset to just one rule, with the problem
remaining fully reproducible. The offending ruleset, the resulting oops message
and my kernel .config are duly attached.
The affected machine is running Gentoo Linux. As such, the kernel sources
include several minor patches above and beyond the kernel.org sources [1].
However, I have determined that these patches have no bearing on my ability to
reproduce the issue. The kernel and userland have been compiled with gcc 8.2.0.
Further, I am using nftables-0.9.0, which is linked to libnftnl-1.1.2 and
libmnl-1.0.4.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190307/dace8e25/attachment.html>
bugzilla-daemon at netfilter.org
2019-Mar-07 02:07 UTC
[Bug 1325] Reproducible NULL ptr deref upon checking trivial nftables ruleset in Linux 5.0
https://bugzilla.netfilter.org/show_bug.cgi?id=1325 --- Comment #1 from kfm at plushkava.net --- Created attachment 558 --> https://bugzilla.netfilter.org/attachment.cgi?id=558&action=edit nftables ruleset -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190307/6f1003eb/attachment.html>
bugzilla-daemon at netfilter.org
2019-Mar-07 02:08 UTC
[Bug 1325] Reproducible NULL ptr deref upon checking trivial nftables ruleset in Linux 5.0
https://bugzilla.netfilter.org/show_bug.cgi?id=1325 --- Comment #2 from kfm at plushkava.net --- Created attachment 559 --> https://bugzilla.netfilter.org/attachment.cgi?id=559&action=edit oops message/trace -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190307/eb24f7f6/attachment.html>
bugzilla-daemon at netfilter.org
2019-Mar-07 02:09 UTC
[Bug 1325] Reproducible NULL ptr deref upon checking trivial nftables ruleset in Linux 5.0
https://bugzilla.netfilter.org/show_bug.cgi?id=1325 --- Comment #3 from kfm at plushkava.net --- Created attachment 560 --> https://bugzilla.netfilter.org/attachment.cgi?id=560&action=edit kernel .config -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190307/09d1f250/attachment.html>
bugzilla-daemon at netfilter.org
2019-Mar-07 02:10 UTC
[Bug 1325] Reproducible NULL ptr deref upon checking trivial nftables ruleset in Linux 5.0
https://bugzilla.netfilter.org/show_bug.cgi?id=1325 --- Comment #4 from kfm at plushkava.net --- And here's the missing reference from the initial post ... [1] https://dev.gentoo.org/~mpagano/genpatches/trunk/5.0/ -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190307/a44d874f/attachment.html>
bugzilla-daemon at netfilter.org
2019-Mar-07 22:17 UTC
[Bug 1325] Reproducible NULL ptr deref upon checking trivial nftables ruleset in Linux 5.0
https://bugzilla.netfilter.org/show_bug.cgi?id=1325 --- Comment #5 from kfm at plushkava.net --- The issue is resolved by the patch that Florian recently posted:- https://www.spinics.net/lists/netfilter-devel/msg58466.html -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190307/c5dd682a/attachment.html>
bugzilla-daemon at netfilter.org
2020-Jul-29 21:56 UTC
[Bug 1325] Reproducible NULL ptr deref upon checking trivial nftables ruleset in Linux 5.0
https://bugzilla.netfilter.org/show_bug.cgi?id=1325
Pablo Neira Ayuso <pablo at netfilter.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #6 from Pablo Neira Ayuso <pablo at netfilter.org> ---
Thanks for reporting.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200729/79f66494/attachment-0001.html>
Maybe Matching Threads
- [Bug 1202] New: Cannot match on both dport and sport in one nftables rule
- [Bug 1444] New: nftables-0.9.6 crashes on some set notations:
- [Bug 1195] New: 'list ruleset' of 'nft -f' outputs garbage while 'nft list ruleset' seems to work.
- [Bug 1477] New: Unable to use saved ruleset when using dynamic sets
- [Bug 1706] New: Nft is slow when loading ruleset with lots of add element calls of different interval maps