[PATCH v6.1 0/3] Fix CVE-2026-23272
From: Shivani Agarwal
Date: Fri Jun 19 2026 - 05:58:33 EST
To fix CVE-2026-23272, commit def602e498a4 is required; however,
it depends on commit d4b7f29eb85c and 8d738c1869f6. Therefore,
both patches have been backported to v6.1.
Florian Westphal (1):
netfilter: nf_tables: always increment set element count
Pablo Neira Ayuso (2):
netfilter: nf_tables: fix set size with rbtree backend
netfilter: nf_tables: unconditionally bump set->nelems before
insertion
include/net/netfilter/nf_tables.h | 6 +++
net/netfilter/nf_tables_api.c | 72 ++++++++++++++++++++++++++-----
net/netfilter/nft_set_rbtree.c | 43 ++++++++++++++++++
3 files changed, 110 insertions(+), 11 deletions(-)
--
2.53.0