Merge tag 'nf-26-02-05' of https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf

kuba-moo · kuba-moo · commit d9eb31781228 · 2026-02-05T08:38:03.000-08:00
Florian Westphal says: ==================== netfilter: update for net This is one last-minute crash fix for nf_tables, from Andrew Fasano: Logical check is inverted, this makes kernel fail to correctly undo the transaction, leading to a use-after-free. * tag 'nf-26-02-05' of https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() ==================== Link: https://patch.msgid.link/20260205074450.3187-1-fw@strlen.de Signed-off-by: Jakub Kicinski <kuba@kernel.org>
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
@@ -5914,7 +5914,7 @@ static void nft_map_catchall_activate(const struct nft_ctx *ctx,
 
 	list_for_each_entry(catchall, &set->catchall_list, list) {
 		ext = nft_set_elem_ext(set, catchall->elem);
-		if (!nft_set_elem_active(ext, genmask))
+		if (nft_set_elem_active(ext, genmask))
 			continue;
 
 		nft_clear(ctx->net, ext);
