[PATCH 4.14 035/210] netfilter: nf_queue: fix socket leak
From: Greg Kroah-Hartman
Date: Mon Oct 24 2022 - 08:02:36 EST
From: Vimal Agrawal <avimalin@xxxxxxxxx>
Removal of the sock_hold got lost when backporting commit 4d05239203fa
("netfilter: nf_queue: fix possible use-after-free") to 4.14
This was causing a socket leak and was caught by kmemleak.
Tested by running kmemleak again with this fix.
Fixes: ef97921ccdc2 ("netfilter: nf_queue: fix possible use-after-free") in 4.14
Signed-off-by: Vimal Agrawal <vimal.agrawal@xxxxxxxxxx>
Reviewed-by: Florian Westphal <fw@xxxxxxxxx>
---
net/netfilter/nf_queue.c | 2 --
1 file changed, 2 deletions(-)
--- a/net/netfilter/nf_queue.c
+++ b/net/netfilter/nf_queue.c
@@ -91,8 +91,6 @@ bool nf_queue_entry_get_refs(struct nf_q
dev_hold(state->in);
if (state->out)
dev_hold(state->out);
- if (state->sk)
- sock_hold(state->sk);
#if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)
if (entry->skb->nf_bridge) {
struct net_device *physdev;