OpenE2K/linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
6b69fe0c73
linux/net
History
Patrick McHardy 6b69fe0c73 netfilter: nf_conntrack_tcp: fix endless loop 
When a conntrack entry is destroyed in process context and destruction
is interrupted by packet processing and the packet is an attempt to
reopen a closed connection, TCP conntrack tries to kill the old entry
itself and returns NF_REPEAT to pass the packet through the hook
again. This may lead to an endless loop: TCP conntrack repeatedly
finds the old entry, but can not kill it itself since destruction
is already in progress, but destruction in process context can not
complete since TCP conntrack is keeping the CPU busy.

Drop the packet in TCP conntrack if we can't kill the connection
ourselves to avoid this.

Reported by: hemao77@gmail.com [ Kernel bugzilla #11058 ]
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-07-09 15:06:12 -07:00
..
9p
802
8021q
appletalk
atm atm: [br2864] fix routed vcmux support 2008-06-16 17:18:18 -07:00
ax25 ax25: Fix NULL pointer dereference and lockup. 2008-06-03 14:53:46 -07:00
bluetooth bluetooth: rfcomm_dev_state_change deadlock fix 2008-06-03 14:27:17 -07:00
bridge bridge: fix use-after-free in br_cleanup_bridges() 2008-07-03 03:53:42 -07:00
can can: add sanity checks 2008-07-05 23:38:43 -07:00
core net: fib_rules: fix error code for unsupported families 2008-07-01 19:59:37 -07:00
dccp dccp: Bug in initial acknowledgment number assignment 2008-06-11 11:19:10 +01:00
decnet
econet
ethernet
ieee80211
ipv4 tcp: fix a size_t < 0 comparison in tcp_read_sock 2008-07-03 03:31:21 -07:00
ipv6 ipv6: fix race between ipv6_del_addr and DAD timer 2008-07-08 15:13:31 -07:00
ipx
irda irda: Fix netlink error path return value 2008-07-08 03:07:43 -07:00
iucv
key ipsec: pfkey should ignore events when no listeners 2008-06-10 14:25:34 -07:00
lapb
llc llc: Fix double accounting of received packets 2008-05-30 02:57:29 -07:00
mac80211 mac80211: don't report selected IBSS when not found 2008-07-07 15:31:40 -04:00
netfilter netfilter: nf_conntrack_tcp: fix endless loop 2008-07-09 15:06:12 -07:00
netlabel netlabel: Fix a problem when dumping the default IPv6 static labels 2008-06-27 20:12:32 -07:00
netlink netlink: Unneeded local variable 2008-07-01 19:55:09 -07:00
netrom
packet
rfkill
rose
rxrpc
sched net-sched: fix filter destruction in atm/hfsc qdisc destruction 2008-07-01 19:53:09 -07:00
sctp sctp: Mark the tsn as received after all allocations finish 2008-07-08 02:28:39 -07:00
sunrpc
tipc
unix af_unix: fix 'poll for write'/connected DGRAM sockets 2008-06-27 19:34:18 -07:00
wanrouter
wireless mac80211: implement EU regulatory domain 2008-06-25 10:31:29 -04:00
x25
xfrm xfrm: xfrm_algo: correct usage of RIPEMD-160 2008-06-04 12:04:55 -07:00
compat.c
Kconfig
Makefile
nonet.c
socket.c
sysctl_net.c
TUNABLE