Merge tag 'nf-24-07-04' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf

Paolo Abeni · Paolo Abeni · commit e367197166a0 · 2024-07-04T15:31:27.000+02:00
Pablo Neira Ayuso says: ==================== Netfilter fixes for net The following batch contains a oneliner patch to inconditionally flush workqueue containing stale objects to be released, syzbot managed to trigger UaF. Patch from Florian Westphal. netfilter pull request 24-07-04 * tag 'nf-24-07-04' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf: netfilter: nf_tables: unconditionally flush pending work before notifier ==================== Link: https://patch.msgid.link/20240703223304.1455-1-pablo@netfilter.org Signed-off-by: Paolo Abeni <pabeni@redhat.com>
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
@@ -11483,8 +11483,7 @@ static int nft_rcv_nl_event(struct notifier_block *this, unsigned long event,
 
 	gc_seq = nft_gc_seq_begin(nft_net);
 
-	if (!list_empty(&nf_tables_destroy_list))
-		nf_tables_trans_destroy_flush_work();
+	nf_tables_trans_destroy_flush_work();
 again:
 	list_for_each_entry(table, &nft_net->tables, list) {
 		if (nft_table_has_owner(table) &&
