github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-08 22:52:35 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
4b552154cc
linux/net
History
Pablo Neira Ayuso 2b3e2b53d6 netfilter: nf_nat_sip: fix incorrect handling of EBUSY for RTCP expectation 
commit 3f509c689a upstream.

We're hitting bug while trying to reinsert an already existing
expectation:

kernel BUG at kernel/timer.c:895!
invalid opcode: 0000 [#1] SMP
[...]
Call Trace:
 <IRQ>
 [<ffffffffa0069563>] nf_ct_expect_related_report+0x4a0/0x57a [nf_conntrack]
 [<ffffffff812d423a>] ? in4_pton+0x72/0x131
 [<ffffffffa00ca69e>] ip_nat_sdp_media+0xeb/0x185 [nf_nat_sip]
 [<ffffffffa00b5b9b>] set_expected_rtp_rtcp+0x32d/0x39b [nf_conntrack_sip]
 [<ffffffffa00b5f15>] process_sdp+0x30c/0x3ec [nf_conntrack_sip]
 [<ffffffff8103f1eb>] ? irq_exit+0x9a/0x9c
 [<ffffffffa00ca738>] ? ip_nat_sdp_media+0x185/0x185 [nf_nat_sip]

We have to remove the RTP expectation if the RTCP expectation hits EBUSY
since we keep trying with other ports until we succeed.

Reported-by: Rafal Fitt <rafalf@aplusc.com.pl>
Acked-by: David Miller <davem@davemloft.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-10-21 09:17:11 -07:00
..
9p net/9p: Fix kernel crash with msize 512K 2011-10-03 11:40:22 -07:00
802 snap: remove one synchronize_net() 2011-05-23 16:29:24 -04:00
8021q 8021q: fix mac_len recomputation in vlan_untag() 2012-10-13 05:28:06 +09:00
appletalk appletalk: Fix OOPS in atalk_release(). 2011-03-31 18:59:10 -07:00
atm atm: fix info leak via getsockname() 2012-10-02 09:47:06 -07:00
ax25 net ax25: Reorder ax25_exit to remove races. 2012-04-27 09:51:21 -07:00
batman-adv Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2011-05-20 13:43:21 -07:00
bluetooth Bluetooth: L2CAP - Fix info leak via getsockname() 2012-10-02 09:47:21 -07:00
bridge bridge: Assign rtnl_link_ops to bridge devices created via ioctl (v2) 2012-07-16 08:47:37 -07:00
caif caif: Fix access to freed pernet memory 2012-08-09 08:27:51 -07:00
can can bcm: fix incomplete tx_setup fix 2011-11-11 09:36:45 -08:00
ceph ceph: fix file mode calculation 2011-07-19 11:25:04 -07:00
core pktgen: fix crash when generating IPv6 packets 2012-10-21 09:17:11 -07:00
dcb net: dcbnl: Update copyright dates 2011-03-14 17:02:42 -07:00
dccp dccp: fix info leak via getsockopt(DCCP_SOCKOPT_CCID_TX_INFO) 2012-10-02 09:47:21 -07:00
decnet net: fix NULL dereferences in check_peer_redir() 2012-02-13 11:06:13 -08:00
dns_resolver KEYS: Improve /proc/keys 2011-03-17 11:59:32 +11:00
dsa Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2011-05-05 14:59:02 -07:00
econet econet: Fix set-but-unused variable. 2011-04-17 00:15:22 -07:00
ethernet net: add IFF_SKB_TX_SHARED flag to priv_flags 2011-08-15 18:31:38 -07:00
ieee802154 ieee802154: Don't leak memory in ieee802154_nl_fill_phy 2011-06-13 18:03:22 -04:00
ipv4 netfilter: nf_nat_sip: fix incorrect handling of EBUSY for RTCP expectation 2012-10-21 09:17:11 -07:00
ipv6 ipv6: mip6: fix mip6_mh_filter() 2012-10-13 05:28:07 +09:00
ipx ipx: fix ipx_release() 2011-03-21 18:16:39 -07:00
irda irda: iriap: Use seperate lockdep class for irias_objects->hb_spinlock 2011-06-06 17:00:35 -07:00
iucv [S390] irq: merge irq.c and s390_ext.c 2011-05-26 09:48:24 +02:00
key net: convert %p usage to %pK 2011-05-24 01:13:12 -04:00
l2tp l2tp: fix a typo in l2tp_eth_dev_recv() 2012-10-13 05:28:07 +09:00
lapb
llc llc: fix info leak via getsockname() 2012-10-02 09:47:21 -07:00
mac80211 mac80211: cancel mesh path timer 2012-08-15 12:04:11 -07:00
netfilter netfilter: nf_conntrack: fix racy timer handling with reliable events 2012-10-21 09:17:11 -07:00
netlabel Remove prefetch() from <linux/skbuff.h> and "netlabel_addrlist.h" 2011-05-22 21:43:41 -07:00
netlink netlink: fix possible spoofing from non-root processes 2012-10-02 09:47:22 -07:00
netrom netrom: copy_datagram_iovec can fail 2012-10-13 05:28:08 +09:00
packet af_packet: remove BUG statement in tpacket_destruct_skb 2012-10-02 09:47:05 -07:00
phonet phonet: Check input from user before allocating 2012-04-27 09:51:19 -07:00
rds rds: set correct msg_namelen 2012-10-02 09:47:41 -07:00
rfkill net: rfkill: add generic gpio rfkill driver 2011-05-19 13:53:54 -04:00
rose rose_dev: fix memcpy-bug in rose_set_mac_address 2012-04-13 08:14:05 -07:00
rxrpc rxrpc: Fix set but unused variable 'usage' in rxrpc_get_transport() 2011-05-19 18:51:50 -04:00
sched pkt_sched: fix virtual-start-time update in QFQ 2012-10-13 05:28:06 +09:00
sctp sctp: Don't charge for data in sndbuf again when transmitting packet 2012-10-13 05:28:06 +09:00
sunrpc SUNRPC: Ensure that the TCP socket is closed when in CLOSE_WAIT 2012-10-21 09:17:10 -07:00
tipc tipc: Revise timings used when sending link request messages 2011-05-10 16:04:02 -04:00
unix net: convert %p usage to %pK 2011-05-24 01:13:12 -04:00
wanrouter wanmain: comparing array with NULL 2012-08-09 08:27:52 -07:00
wimax
wireless cfg80211: fix possible circular lock on reg_regdb_search() 2012-10-02 09:47:37 -07:00
x25 x25: Prevent skb overreads when checking call user data 2011-10-25 07:10:17 +02:00
xfrm xfrm_user: ensure user supplied esn replay window is valid 2012-10-13 05:28:05 +09:00
compat.c net: Add sendmmsg socket system call 2011-05-05 11:10:14 -07:00
Kconfig bpf: depends on MODULES 2011-04-29 10:20:53 -07:00
Makefile net: Enter net/ipv6/ even if CONFIG_IPV6=n 2011-03-07 12:50:52 -08:00
nonet.c
socket.c net: fix info leak in compat dev_ifconf() 2012-10-02 09:47:22 -07:00
sysctl_net.c
TUNABLE