summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)AuthorFilesLines
5 daysnetfilter: ctnetlink: use netlink policy range checksDavid Carlier2-18/+8
5 daysnetfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdpWeiming Shi1-4/+10
5 daysnetfilter: nf_conntrack_expect: skip expectations in other netns via procPablo Neira Ayuso1-0/+4
5 daysnetfilter: nf_conntrack_expect: store netns and zone in expectationPablo Neira Ayuso3-3/+17
5 daysnetfilter: ctnetlink: ensure safe access to master conntrackPablo Neira Ayuso3-10/+30
5 daysnetfilter: nf_conntrack_expect: use expect->helperPablo Neira Ayuso4-21/+13
5 daysnetfilter: nf_conntrack_expect: honor expectation helper fieldPablo Neira Ayuso6-11/+28
5 daysnetfilter: nft_set_rbtree: revisit array resize logicPablo Neira Ayuso1-17/+75
5 daysnetfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOADWeiming Shi1-6/+2
6 daysnetfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiryFlorian Westphal1-10/+10
12 daysnfnetlink_osf: validate individual option lengths in fingerprintsWeiming Shi1-0/+13
12 daysnetfilter: nf_tables: release flowtable after rcu grace period on errorPablo Neira Ayuso1-0/+1
12 daysnetfilter: bpf: defer hook memory release until rcu readers are doneFlorian Westphal1-1/+1
2026-03-13netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()Jenny Guanni Qu1-0/+2
2026-03-13netfilter: xt_time: use unsigned int for monthday bit shiftJenny Guanni Qu1-2/+2
2026-03-13netfilter: xt_CT: drop pending enqueued packets on template removalPablo Neira Ayuso1-0/+4
2026-03-13netfilter: nft_ct: drop pending enqueued packets on removalPablo Neira Ayuso1-0/+4
2026-03-13nf_tables: nft_dynset: fix possible stateful expression memleak in error pathPablo Neira Ayuso2-3/+11
2026-03-13netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS caseJenny Guanni Qu1-0/+2
2026-03-13netfilter: nf_flow_table_ip: reset mac header before vlan pushEric Woudstra1-0/+1
2026-03-13netfilter: revert nft_set_rbtree: validate open interval overlapFlorian Westphal2-78/+14
2026-03-13netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp()Lukas Johannes Möller1-1/+5
2026-03-13netfilter: conntrack: add missing netlink policy validationsFlorian Westphal2-2/+3
2026-03-13netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct()Hyunwoo Kim1-1/+25
2026-03-10netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labelsYuan Tan1-0/+6
2026-03-10netfilter: nfnetlink_cthelper: fix OOB read in nfnl_cthelper_dump_table()Hyunwoo Kim1-4/+4
2026-03-10netfilter: nfnetlink_queue: fix entry leak in bridge verdict error pathHyunwoo Kim1-1/+3
2026-03-10netfilter: x_tables: guard option walkers against 1-byte tail readsDavid Dull2-4/+6
2026-03-10netfilter: nft_set_pipapo: fix stack out-of-bounds read in pipapo_drop()Jenny Guanni Qu1-1/+2
2026-03-10netfilter: nf_tables: always walk all pending catchall elementsFlorian Westphal1-2/+0
2026-03-10netfilter: nf_tables: Fix for duplicate device in netdev hooksPhil Sutter2-2/+2
2026-03-05netfilter: nft_set_pipapo: split gc into unlink and reclaim phaseFlorian Westphal3-13/+45
2026-03-05netfilter: nf_tables: clone set on flush onlyPablo Neira Ayuso4-6/+24
2026-03-05netfilter: nf_tables: unconditionally bump set->nelems before insertionPablo Neira Ayuso1-14/+16
2026-02-26Merge tag 'net-7.0-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/netd...Linus Torvalds1-1/+1
2026-02-26netfilter: nf_conntrack_h323: fix OOB read in decode_choice()Vahagn Vardanian1-1/+1
2026-02-22Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL usesKees Cook3-3/+3
2026-02-22Convert more 'alloc_obj' cases to default GFP_KERNEL argumentsLinus Torvalds3-6/+3
2026-02-22Convert 'alloc_flex' family to use the new default GFP_KERNEL argumentLinus Torvalds3-3/+3
2026-02-22Convert 'alloc_obj' family to use the new default GFP_KERNEL argumentLinus Torvalds34-47/+47
2026-02-21treewide: Replace kmalloc with kmalloc_obj for non-scalar typesKees Cook54-118/+110
2026-02-17netfilter: nf_tables: fix use-after-free in nf_tables_addchain()Inseo An1-0/+1
2026-02-17ipvs: do not keep dest_dst if dev is going downJulian Anastasov1-10/+36
2026-02-17ipvs: skip ipv6 extension headers for csum checksJulian Anastasov3-39/+20
2026-02-17netfilter: nf_conntrack_h323: don't pass uninitialised l3num valueFlorian Westphal1-5/+5
2026-02-17netfilter: nf_tables: revert commit_mutex usage in reset pathBrian Witte1-206/+42
2026-02-17netfilter: nft_quota: use atomic64_xchg for resetBrian Witte1-6/+7
2026-02-17netfilter: nft_counter: serialize reset with spinlockBrian Witte1-4/+16
2026-02-17netfilter: annotate NAT helper hook pointers with __rcuSun Jian5-27/+29
2026-02-12Merge tag 'net-next-7.0' of git://git.kernel.org/pub/scm/linux/kernel/git/net...Linus Torvalds29-404/+1123
generated by cgit v1.2.3 (git 2.39.0) at 2026-03-31 17:26:43 +0300