Re: [PATCH net] xfrm_user: fix info leak in build_mapping()

Next message: Rui Qi: "[PATCH] riscv: Fix ftrace_graph_ret_addr() to use the correct task pointer"
Previous message: Steffen Klassert: "Re: [PATCH ipsec] xfrm: fix refcount leak in xfrm_migrate_policy_find"
In reply to: Steffen Klassert: "Re: [PATCH net] xfrm_user: fix info leak in build_mapping()"
Next in thread: Greg Kroah-Hartman: "Re: [PATCH net] xfrm_user: fix info leak in build_mapping()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Steffen Klassert

Date: Wed Apr 08 2026 - 05:32:51 EST

On Tue, Apr 07, 2026 at 06:12:11PM -0700, Jakub Kicinski wrote:
> On Tue, 7 Apr 2026 07:51:15 +0200 Greg Kroah-Hartman wrote:
> > > > I guess nlmsg_append() would work? It tries to do some zeroing out for
> > > > alignment for some reason...
> > > >
> > > > Want me to do that? I don't have a way to test any of this, I just
> > > > found it using some static code analysis tools that looked at holes in
> > > > structures.
> > >
> > > Do you have any more Netlink leaks in the queue? If you do let's do it,
> > > if you don't we can wait until the next victi^w patch to arrive.
> >
> > I do not have any more, sorry. So is it worth it for just these 2?
> > Your call :)
>
> These are fine. I would have applied but I think Steffen will take them
> via the ipsec tree first (LMK if that's not the plan, Steffen)

Both patches are now applied to the ipsec tree. Thanks a lot!