Re: [REGRESSION] 6.19.4 stable netfilter / nftables [resolved]

Next message: Keita Morisaki: "[PATCH net-next V2 RESEND] tcp: shrink per-packet memset in __tcp_transmit_skb()"
Previous message: John Garry: "Re: [PATCH 10/24] scsi-multipath: add scsi_mpath_{start,end}_request()"
In reply to: Thorsten Leemhuis: "Re: [REGRESSION] 6.19.4 stable netfilter / nftables [resolved]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Pablo Neira Ayuso

Date: Wed Mar 04 2026 - 06:15:16 EST

On Wed, Mar 04, 2026 at 06:50:32AM +0100, Thorsten Leemhuis wrote:
> On 3/3/26 23:03, Pablo Neira Ayuso wrote:
>
> > A new userspace release with this fix is required.
>
> But a new user space should never be required for a new kernel. Find a
> few quotes from Linus on this below. And I noticed other people ran
> into this, too, so it's not a corner case:
> https://lore.kernel.org/all/aaeIDJigEVkDfrRg@chamomile/
>
> So should this be reverted everywhere where this was applied? Or is
> there some way to do what the commit wanted to do without breaking
> userspace?

Thanks for explaining.

I kindly requested to revert in -stable:

netfilter: nft_set_rbtree: validate open interval overlap

which amplifies the userspace bug.