| Published | Title | Version | Author | Status |
|---|---|---|---|---|
| 2026-06-11 04:21 UTC | netfilter: nft_synproxy: stop bypassing the priv->info snapshot | 1 | runyu.xiao@seu.edu.cn | finished in 4h54m0s |
| 2026-06-10 10:39 UTC | netfilter: fix two remaining stale-stack register leaks | 2 | d.ornaghi97@gmail.com | finished in 4h27m0s |
| 2026-06-09 22:55 UTC | netfilter: nf_log: validate MAC header was set before dumping it | 2 | xmei5@asu.edu | finished in 4h18m0s |
| 2026-06-09 16:32 UTC | netfilter: fix two remaining stale-stack register leaks | 1 | d.ornaghi97@gmail.com | finished in 4h41m0s |
| 2026-06-08 17:06 UTC | netfilter: flowtable: use pskb_may_pull() in nf_flow_ip6_tunnel_proto() | 1 | lorenzo@kernel.org | finished in 4h21m0s |
| 2026-06-08 12:33 UTC | netfilter: flowtable: Validate iph->ihl in nf_flow_ip4_tunnel_proto() | 2 | lorenzo@kernel.org | finished in 4h19m0s |
| 2026-06-08 09:54 UTC | net/netfilter/nfnetlink_cttimeout: Use strscpy() to copy strings into arrays | 1 | david.laight.linux@gmail.com | finished in 4h58m0s |
| 2026-06-08 00:11 UTC | netfilter: nf_log: validate MAC header was set before dumping it | 1 | xmei5@asu.edu | finished in 4h5m0s |
| 2026-06-07 16:44 UTC | netfilter: synproxy: fix unaligned access to TCP timestamp option | 1 | rosenp@gmail.com | finished in 4h24m0s |
| 2026-06-06 20:26 UTC | net/netfilter/xt_recent: Use strscpy() to copy device name | 1 | david.laight.linux@gmail.com | finished in 4h44m0s |
| 2026-06-05 16:47 UTC | netfilter: flowtable: Validate iph->ihl in nf_flow_ip4_tunnel_proto() | 1 | lorenzo@kernel.org | finished in 4h19m0s |
| 2026-06-04 21:17 UTC | netfilter: flowtable: fix IP6IP6 tunnel offset double-count with vlan/pppoe encap | 1 | devnexen@gmail.com | finished in 4h49m0s |
| 2026-06-03 07:38 UTC | netfilter: nf_conntrack: destroy stale expectfn expectations on unregister | 1 | bestswngs@gmail.com | finished in 4h25m0s |
| 2026-06-03 02:50 UTC | netfilter: flowtable: remove inline segmentation | 1 | qingfang.deng@linux.dev | finished in 3h59m0s |
| 2026-05-31 15:50 UTC | Add IPv4 over IPv6 and SIT flowtable SW acceleration | 3 | lorenzo@kernel.org | finished in 3h56m0s |
| 2026-05-28 22:34 UTC | netfilter: TCPMSS: fix dropped packets when MSS option is unaligned | 2 | kacper.kokot.44@gmail.com | finished in 1h16m0s |
| 2026-05-28 07:21 UTC | netfilter: ipvs: fix ct refcount leak when template is invalid | 1 | vulab@iscas.ac.cn |
finished
in 4h49m0s
[1 findings] |
| 2026-05-28 07:08 UTC | netfilter: flowtable: fix offloaded ct timeout never being extended | 2 | adibente@gmail.com | finished in 4h28m0s |
| 2026-05-27 13:57 UTC | netfilter: nft_tunnel: fix use-after-free on object destroy | 1 | tristmd@gmail.com | finished in 1h43m0s |
| 2026-05-27 08:18 UTC | ipvs: Replace use of system_unbound_wq with system_dfl_long_wq | 3 | marco.crivellari@suse.com | finished in 1h24m0s |
| 2026-05-26 06:01 UTC | netfilter: flowtable: fix offloaded ct timeout never being extended | 1 | adibente@gmail.com | finished in 4h2m0s |
| 2026-05-25 21:58 UTC | netfilter: nf_conntrack: use get_unaligned_be32() in tcp_sack() | 1 | rosenp@gmail.com | finished in 3h56m0s |
| 2026-05-25 20:11 UTC | netfilter: TCPMSS: fix dropped packets when MSS option is unaligned | 1 | kacper.kokot.44@gmail.com | finished in 4h9m0s |
| 2026-05-25 16:24 UTC | netfilter: flowtable: resolve LAG slave for direct HW offload | 1 | hurryman2212@gmail.com | finished in 4h45m0s |
| 2026-05-25 15:35 UTC | netfilter: nfnetlink_osf: fix mss parsing on big-endian architectures | 1 | fmancera@suse.de | finished in 1h3m0s |
| 2026-05-23 15:26 UTC | netfilter: flowtable: avoid num_encaps underflow on bridge VLAN untag | 1 | devnexen@gmail.com | finished in 1h42m0s |
| 2026-05-22 10:47 UTC | netfilter: xt_NFQUEUE: prefer raw_smp_processor_id | 1 | fmancera@suse.de | finished in 4h26m0s |
| 2026-05-20 02:34 UTC | netfilter: nft_fib_ipv6: handle routes via external nexthop | 2 | jiayuan.chen@linux.dev | finished in 4h25m0s |
| 2026-05-19 21:23 UTC | netfilter: nf_conntrack_irc: fix parse_dcc() off-by-one OOB read | 1 | meatuni001@gmail.com | finished in 1h40m0s |
| 2026-05-19 04:14 UTC | netfilter: nft_fib_ipv6: handle routes via external nexthop | 1 | jiayuan.chen@linux.dev | finished in 4h10m0s |
| 2026-05-19 01:55 UTC | ipvs: Use flexible array for MH lookup table | 1 | rosenp@gmail.com | finished in 2h4m0s |
| 2026-05-16 15:23 UTC | netfilter: disable payload mangling in userns | 1 | tpluszz77@gmail.com | finished in 4h1m0s |
| 2026-05-15 13:51 UTC | net: Replace system_unbound_wq with system_dfl_wq | 2 | marco.crivellari@suse.com | finished in 1h59m0s |
| 2026-05-14 14:46 UTC | net: neigh: Reallocate headroom if necessary in neigh_hh_bridge() | 4 | lorenzo@kernel.org | finished in 4h32m0s |
| 2026-05-14 14:16 UTC | netfilter: nf_conncount: prevent connlimit drops for early confirmed ct | 2 | fmancera@suse.de | finished in 4h24m0s |
| 2026-05-13 16:40 UTC | net: neigh: Reallocate headroom if necessary in neigh_hh_bridge() | 3 | lorenzo@kernel.org | finished in 4h30m0s |
| 2026-05-13 12:15 UTC | netfilter: nf_conncount: prevent connlimit drops for early confirmed ct | 1 | fmancera@suse.de | finished in 4h33m0s |
| 2026-05-12 21:55 UTC | netfilter: nf_conntrack_proto_tcp: fix typos in comments | 1 | avinash.duduskar@gmail.com | finished in 1h32m0s |
| 2026-05-12 20:51 UTC | ipv4: harden against ihl < 5 IP_HDRINCL packets | 1 | michael.bommarito@gmail.com | finished in 4h34m0s |
| 2026-05-11 15:57 UTC | net: neigh: Reallocate headroom if necessary in neigh_hh_bridge() | 2 | lorenzo@kernel.org | finished in 4h27m0s |
| 2026-05-11 14:43 UTC | netfilter: conntrack: tcp: do not force CLOSE on invalid-seq RST without direction check | 1 | hamzamahfooz@linux.microsoft.com | finished in 4h42m0s |
| 2026-05-11 14:37 UTC | netfilter: nf_tables: fix dst corruption in same register operation | 4 | fmancera@suse.de | finished in 4h44m0s |
| 2026-05-11 13:47 UTC | net: Replace system_unbound_wq with system_dfl_wq | 1 | marco.crivellari@suse.com | finished in 1h51m0s |
| 2026-05-08 11:25 UTC | net: neigh: Reallocate headroom if necessary in neigh_hh_bridge() | 1 | lorenzo@kernel.org | finished in 4h2m0s |
| 2026-05-07 13:44 UTC | netfilter: fix expectation reference leaks | 2 | lixiasong1@huawei.com | finished in 5h8m0s |
| 2026-05-06 17:27 UTC | Add IPv4 over IPv6 and SIT flowtable SW acceleration | 2 | lorenzo@kernel.org | finished in 4h33m0s |
| 2026-05-06 12:06 UTC | netfilter: fix nf_ct_expect_alloc() reference leaks | 1 | lixiasong1@huawei.com | finished in 4h43m0s |
| 2026-05-05 14:49 UTC | Add IPv4 over IPv6 flowtable SW acceleration | 1 | lorenzo@kernel.org | finished in 4h59m0s |
| 2026-05-05 05:11 UTC | netfilter: ctnetlink: use nf_ct_exp_net() in expectation dump | 1 | pratham36gupta@gmail.com | finished in 4h14m0s |
| 2026-05-03 08:32 UTC | netfilter: conntrack: shared port parser for helpers | 3 | rc@rexion.ai | finished in 4h23m0s |
| 2026-05-01 06:31 UTC | netfilter: conntrack: add shared port parser and use it in IRC and Amanda helpers | 2 | rc@rexion.ai | finished in 4h53m0s |
| 2026-04-30 18:25 UTC | netfilter: conntrack: add shared port parser and use it in IRC and Amanda helpers | 2 | rc@rexion.ai | finished in 5h40m0s |
| 2026-04-29 14:24 UTC | netfilter: flowtable_offload: propagate CT mark to hardware offload path | 1 | lorenzo@kernel.org | finished in 4h27m0s |
| 2026-04-27 09:21 UTC | netfilter: nft_bitwise: fix dst corruption in same register shifts | 4 | fmancera@suse.de | finished in 4h40m0s |
| 2026-04-23 15:54 UTC | netfilter: nft_bitwise: fix dst corruption in same register shifts | 3 | fmancera@suse.de | finished in 4h24m0s |
| 2026-04-23 12:05 UTC | netfilter: nft_bitwise: fix dst corruption in same register shifts | 2 | fmancera@suse.de | finished in 4h13m0s |
| 2026-04-21 17:38 UTC | netfilter: nft_bitwise: fix dst corruption in same register shifts | 1 | fmancera@suse.de | finished in 4h27m0s |
| 2026-04-21 15:59 UTC | expr: add support to math expression | 4 | fmancera@suse.de | skipped |
| 2026-04-21 15:59 UTC | netfilter: nf_tables: add math expression support | 5 | fmancera@suse.de | finished in 1h29m0s |
| 2026-04-20 17:06 UTC | expr: add support to math expression | 3 | fmancera@suse.de | skipped |
| 2026-04-20 17:05 UTC | netfilter: nf_tables: add math expression support | 4 | fmancera@suse.de | finished in 1h37m0s |
| 2026-04-20 13:39 UTC | netfilter: flowtable_offload: propagate CT mark to hardware offload path | 1 | lorenzo@kernel.org | finished in 4h0m0s |
| 2026-04-20 10:58 UTC | bpf: add icmp_send_unreach kfunc | 4 | mahe.tardy@gmail.com | finished in 4h37m0s |
| 2026-04-18 19:58 UTC | selftests: netfilter: conntrack_sctp_collision.sh: Introduce SCTP INIT collision test | 2 | yiche.cy@gmail.com | finished in 1h4m0s |
| 2026-04-18 16:30 UTC | netfilter: xt_TCPMSS: check skb_dst before path-MTU clamping | 1 | bestswngs@gmail.com | finished in 4h27m0s |
| 2026-04-15 14:40 UTC | ipvs: fix MTU check for GSO packets in tunnel mode | 4 | 342144303@qq.com | finished in 4h41m0s |
| 2026-04-15 03:43 UTC | netfilter: xt_realm: fix null-ptr-deref in realm_mt() | 1 | hxzene@gmail.com | finished in 2h9m0s |
| 2026-04-14 22:14 UTC | netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO | 2 | xmei5@asu.edu | finished in 4h39m0s |
| 2026-04-14 10:49 UTC | netfilter: nfnetlink_osf: fix null-ptr-deref in nf_osf_ttl | 2 | hxzene@gmail.com | finished in 4h41m0s |
| 2026-04-14 07:45 UTC | netfilter: nfnetlink_osf: fix null-ptr-deref in nf_osf_ttl | 1 | hxzene@gmail.com | finished in 5h2m0s |
| 2026-04-13 12:37 UTC | netfilter: nf_conncount: make number of hash slots configurable | 1 | deliran@verdict.gg | finished in 1h0m0s |
| 2026-04-12 22:28 UTC | netfilter: nft_set_rbtree: fix use count leak on transaction abort | 3 | marko.jevtic@codereflect.io | finished in 4h17m0s |
| 2026-04-11 18:57 UTC | netfilter: nfnl_cthelper: apply per-class values when updating policies | 1 | devnexen@gmail.com | finished in 4h5m0s |
| 2026-04-10 20:48 UTC | netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO | 1 | xmei5@asu.edu | finished in 4h5m0s |
| 2026-04-10 10:13 UTC | netfilter: nf_tables: use RCU-safe list primitives for basechain hook list | 1 | bestswngs@gmail.com | finished in 4h27m0s |
| 2026-04-09 22:34 UTC | [next] netfilter: x_tables: Avoid a couple -Wflex-array-member-not-at-end warnings | 3 | gustavoars@kernel.org | finished in 4h31m0s |
| 2026-04-09 20:28 UTC | [next] netfilter: x_tables: Avoid a couple -Wflex-array-member-not-at-end warnings | 2 | gustavoars@kernel.org | finished in 4h11m0s |
| 2026-04-09 13:07 UTC | improve hw flow offload byte accounting | 1 | daniel@makrotopia.org |
finished
in 1h1m0s
[1 findings] |
| 2026-04-09 10:49 UTC | netfilter: nft_fwd_netdev: use recursion counter in neigh egress path | 2 | bestswngs@gmail.com | finished in 4h38m0s |
| 2026-04-09 09:50 UTC | netfilter: nf_conntrack_sip: fix OOB read in epaddr_len and ct_sip_parse_header_uri | 1 | bestswngs@gmail.com | finished in 2h32m0s |
| 2026-04-09 05:36 UTC | netfilter: nft_fwd_netdev: use recursion counter in neigh egress path | 1 | bestswngs@gmail.com | finished in 4h22m0s |
| 2026-04-08 21:27 UTC | [next] netfilter: x_tables: Avoid a couple -Wflex-array-member-not-at-end warnings | 1 | gustavoars@kernel.org | finished in 4h52m0s |
| 2026-04-08 07:35 UTC | netfilter: arp_tables: fix IEEE1394 ARP payload parsing in arp_packet_match() | 1 | bestswngs@gmail.com | finished in 4h30m0s |
| 2026-04-06 21:18 UTC | selftests: nft_queue.sh: add a parallel stress test | 1 | fmancera@suse.de | finished in 1h6m0s |
| 2026-04-03 20:59 UTC | netfilter: xt_HL: add pr_fmt and checkentry validation | 3 | marino.dzalto@gmail.com | finished in 4h40m0s |
| 2026-04-03 20:03 UTC | netfilter: xt_HL: add pr_fmt, drop NULL checks, add checkentry validation | 2 | marino.dzalto@gmail.com | finished in 4h22m0s |
| 2026-04-03 19:39 UTC | netfilter: xt_HL: add pr_fmt, default case and NULL checks | 1 | marino.dzalto@gmail.com |
finished
in 1h9m0s
[1 findings] |
| 2026-04-03 18:53 UTC | netfilter: xt_dscp: replace -EDOM with -EINVAL and unify match functions | 1 | marino.dzalto@gmail.com | finished in 4h32m0s |
| 2026-04-02 14:46 UTC | ipvs: fix MTU check for GSO packets in tunnel mode | 3 | 342144303@qq.com | finished in 4h21m0s |
| 2026-04-02 12:09 UTC | ipvs: fix MTU check for GSO packets in tunnel mode | 2 | 342144303@qq.com |
finished
in 1h15m0s
[1 findings] |
| 2026-04-01 21:20 UTC | netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator | 2 | xmei5@asu.edu | finished in 4h16m0s |
| 2026-04-01 19:57 UTC | netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator | 1 | xmei5@asu.edu | finished in 4h28m0s |
| 2026-04-01 15:38 UTC | ipvs: fix MTU check for GSO packets in tunnel mode | 1 | 342144303@qq.com | finished in 4h32m0s |
| 2026-04-01 07:58 UTC | ipvs: fix NULL deref in ip_vs_add_service error path | 2 | bestswngs@gmail.com | finished in 4h54m0s |
| 2026-04-01 07:44 UTC | Deprecate Legacy IP | 1 | dwmw2@infradead.org |
finished
in 3h0m0s
[1 findings] |
| 2026-04-01 04:16 UTC | ipvs: fix NULL deref in ip_vs_add_service error path | 1 | bestswngs@gmail.com | finished in 4h32m0s |
| 2026-03-31 06:17 UTC | netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent | 2 | tpluszz77@gmail.com | finished in 4h8m0s |
| 2026-03-31 06:14 UTC | netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent | 2 | tpluszz77@gmail.com | finished in 4h16m0s |
| 2026-03-30 11:35 UTC | selftests: netfilter: conntrack_sctp_collision.sh: Introduce SCTP INIT collision test | 1 | yiche@redhat.com | finished in 1h20m0s |
| 2026-03-29 16:52 UTC | netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent | 1 | tpluszz77@gmail.com | finished in 4h21m0s |