| Published | Title | Version | Author | Status |
|---|---|---|---|---|
| 2026-03-07 17:20 UTC | netfilter: ctnetlink: fix use-after-free of exp->master in expectation dump | 1 | imv4bel@gmail.com | finished in 4h4m0s |
| 2026-03-06 19:12 UTC | netfilter: nft_set_pipapo: fix stack out-of-bounds read in pipapo_drop() | 2 | qguanni@gmail.com | finished in 4h5m0s |
| 2026-03-06 12:36 UTC | netfilter: nft_set_rbtree: allocate same array size on updates | 1 | pablo@netfilter.org |
finished
in 4h6m0s
[1 findings] |
| 2026-03-06 08:08 UTC | netfilter: nft_set_pipapo: fix stack out-of-bounds read in pipapo_drop() | 1 | qguanni@gmail.com | finished in 4h23m0s |
| 2026-03-05 21:49 UTC | udp: Retire UDP-Lite. | 2 | kuniyu@google.com | finished in 4h6m0s |
| 2026-03-05 21:17 UTC | netfilter: nf_tables: always walk all pending catchall elements | 1 | fw@strlen.de | finished in 3h54m0s |
| 2026-03-05 12:26 UTC | netfilter: updates for net | 2 | fw@strlen.de | finished in 4h3m0s |
| 2026-03-05 12:01 UTC | netfilter: nf_tables: Fix for duplicate device in netdev hooks | 1 | phil@nwl.cc | finished in 4h13m0s |
| 2026-03-05 00:47 UTC | net: Add SPDX ids to some source files | 1 | tim.bird@sony.com | finished in 4h11m0s |
| 2026-03-04 17:29 UTC | netfilter: updates for net | 1 | fw@strlen.de | finished in 4h9m0s |
| 2026-03-04 11:49 UTC | netfilter: updates for net-next | 1 | fw@strlen.de | finished in 4h13m0s |
| 2026-03-04 05:36 UTC | netfilter: nft_set_pipapo: split gc in unlink and reclaim phase | 2 | fw@strlen.de | finished in 4h22m0s |
| 2026-03-03 19:57 UTC | doc/netlink: Expand nftables specification | 8 | one-d-wide@protonmail.com | finished in 1h5m0s |
| 2026-03-03 19:02 UTC | netfilter: nft_set_pipapo: fix UaF during gc walk | 1 | fw@strlen.de | finished in 4h21m0s |
| 2026-03-03 10:15 UTC | netfilter: use function typedefs for __rcu NAT helper hook pointers | 1 | sun.jian.kdev@gmail.com | finished in 1h39m0s |
| 2026-03-02 21:26 UTC | netfilter: nf_tables: fix use-after-free on ops->dev | 1 | koike@igalia.com | finished in 4h16m0s |
| 2026-03-02 20:55 UTC | tcp: secure_seq: add back ports to TS offset | 1 | edumazet@google.com | finished in 4h21m0s |
| 2026-02-27 16:29 UTC | netfilter: nf_flow_table_ip: Introduce nf_flow_vlan_push() | 2 | ericwouds@gmail.com | finished in 4h11m0s |
| 2026-02-26 20:22 UTC | netfilter: nfnetlink_queue: remove locking in nfqnl_get_sk_secctx | 1 | fw@strlen.de | finished in 4h35m0s |
| 2026-02-26 20:21 UTC | ipv6: switch nft_fib_ipv6 to fib6_lookup | 2 | fw@strlen.de | finished in 4h24m0s |
| 2026-02-26 20:15 UTC | BIG TCP for UDP tunnels | 2 | alice.kernel@fastmail.im |
finished
in 3h58m0s
[1 findings] |
| 2026-02-26 16:19 UTC | selftests: netfilter: nft_queue.sh: avoid flakes on debug kernels | 2 | fw@strlen.de | finished in 1h2m0s |
| 2026-02-26 14:18 UTC | selftests: netfilter: nft_queue.sh: avoid flakes on debug kernels | 2 | fw@strlen.de | finished in 1h0m0s |
| 2026-02-26 09:40 UTC | netfilter: nfnetlink_queue: no longer acquire sk_callback_lock | 1 | edumazet@google.com | finished in 4h21m0s |
| 2026-02-26 08:58 UTC | netfilter: nfnetlink_log: no longer acquire sk_callback_lock | 1 | edumazet@google.com | finished in 4h27m0s |
| 2026-02-26 08:29 UTC | netfilter: nft_meta: no longer acquire sk_callback_lock in nft_meta_get_eval_skugid() | 1 | edumazet@google.com | finished in 4h1m0s |
| 2026-02-25 13:23 UTC | netfilter: xt_owner: no longer acquire sk_callback_lock in mt_owner() | 2 | edumazet@google.com | finished in 4h2m0s |
| 2026-02-25 13:20 UTC | netfilter: nf_log_syslog: no longer acquire sk_callback_lock in nf_log_dump_sk_uid_gid() | 2 | edumazet@google.com | finished in 4h13m0s |
| 2026-02-25 13:06 UTC | netfilter updates for net | 1 | fw@strlen.de | finished in 4h33m0s |
| 2026-02-25 00:13 UTC | netfilter: nf_tables: clone set on flush only | 1 | pablo@netfilter.org | finished in 4h7m0s |
| 2026-02-24 20:50 UTC | netfilter: updates for net-next | 1 | fw@strlen.de | finished in 3h26m0s |
| 2026-02-24 18:22 UTC | netfilter: nf_tables: inconditionally bump set->nelems before insertion | 1 | pablo@netfilter.org | finished in 4h28m0s |
| 2026-02-24 15:50 UTC | net: pppoe: avoid zero-length arrays in struct pppoe_hdr | 20 | ericwouds@gmail.com | finished in 1h29m0s |
| 2026-02-24 12:33 UTC | netfilter: nf_log_syslog: no longer acquire sk_callback_lock in nf_log_dump_sk_uid_gid() | 1 | edumazet@google.com | finished in 4h11m0s |
| 2026-02-24 12:28 UTC | netfilter: xt_owner: no longer acquire sk_callback_lock in mt_owner() | 1 | edumazet@google.com | finished in 4h21m0s |
| 2026-02-24 06:53 UTC | conntrack: bridge: add double vlan, pppoe and pppoe-in-q | 19 | ericwouds@gmail.com | finished in 4h18m0s |
| 2026-02-23 19:00 UTC | selftests: netfilter: nft_queue.sh: increase udp_gro_ct subtest timeout | 1 | fw@strlen.de | finished in 1h12m0s |
| 2026-02-22 19:58 UTC | conntrack: bridge: add double vlan, pppoe and pppoe-in-q | 18 | ericwouds@gmail.com | finished in 3h50m0s |
| 2026-02-22 15:52 UTC | netfilter: nf_flow_table_ip: Introduce nf_flow_vlan_push() | 1 | ericwouds@gmail.com | finished in 3h56m0s |
| 2026-02-20 14:05 UTC | nf_tables: minor spring cleanup | 1 | fw@strlen.de | finished in 3h59m0s |
| 2026-02-17 16:32 UTC | netfilter: updates for net | 1 | fw@strlen.de | finished in 4h6m0s |
| 2026-02-17 12:14 UTC | netfilter: nf_tables: fix use-after-free in nf_tables_addchain() | 1 | y0un9sa@gmail.com | finished in 4h0m0s |
| 2026-02-17 11:56 UTC | net: remove WARN_ON_ONCE when accessing forward path array | 1 | pablo@netfilter.org | finished in 4h15m0s |
| 2026-02-14 15:08 UTC | include: linux: nf_tables.h: Sync with current kernel UAPI headers | 1 | phil@nwl.cc | skipped |
| 2026-02-14 14:54 UTC | include: uapi: netfilter_bridge.h: Cover for musl libc | 2 | phil@nwl.cc | finished in 59m0s |
| 2026-02-12 20:50 UTC | configure: Implement --enable-profiling option | 4 | phil@nwl.cc | skipped |
| 2026-02-12 20:07 UTC | iptables: fix null dereference parsing bitwise operations | 2 | one-d-wide@protonmail.com | skipped |
| 2026-02-12 12:25 UTC | netfilter: nft_fib_ipv6: switch to fib6_lookup | 1 | fw@strlen.de | finished in 4h4m0s |
| 2026-02-11 20:14 UTC | configure: Implement --enable-profiling option | 3 | phil@nwl.cc | skipped |
| 2026-02-11 19:42 UTC | useful_functions: Fix for buffer overflow in parse_ip6_mask() | 1 | phil@nwl.cc | skipped |
| 2026-02-11 18:56 UTC | include: uapi: netfilter_bridge.h: Cover for musl libc | 1 | phil@nwl.cc | finished in 1h5m0s |
| 2026-02-11 11:52 UTC | netfilter: nf_conntrack_h323: don't pass uninitialised l3num value | 1 | fw@strlen.de | finished in 1h35m0s |
| 2026-02-08 11:00 UTC | net: flow_offload: protect driver_block_list in flow_block_cb_setup_simple() | 1 | syoshida@redhat.com | finished in 3h20m0s |
| 2026-02-06 17:14 UTC | xfrm: reduce struct sec_path size | 1 | pabeni@redhat.com | finished in 4h0m0s |
| 2026-02-06 15:30 UTC | netfilter: updates for net-next | 2 | fw@strlen.de | finished in 3h47m0s |
| 2026-02-05 14:44 UTC | net: skb: allow up to 8 skb extension ids | 1 | devnull@kernel.org | finished in 1h5m0s |
| 2026-02-05 12:30 UTC | netfilter: annotate NAT helper hook pointers with __rcu | 5 | sun.jian.kdev@gmail.com | finished in 1h39m0s |
| 2026-02-05 11:08 UTC | netfilter: updates for net-next | 1 | fw@strlen.de | finished in 3h52m0s |
| 2026-02-05 07:44 UTC | netfilter: update for net | 1 | fw@strlen.de | finished in 3h56m0s |
| 2026-02-04 20:26 UTC | netfilter: nf_tables: fix reset request deadlock | 5 | brianwitte@mailfence.com | finished in 3h57m0s |
| 2026-02-04 15:38 UTC | netfilter: annotate NAT helper hook pointers with __rcu | 4 | sun.jian.kdev@gmail.com | finished in 1h5m0s |
| 2026-02-04 15:23 UTC | netfilter: nf_tables: add math expression support | 3 | fmancera@suse.de | finished in 1h19m0s |
| 2026-02-04 14:49 UTC | test: shell: run-test.sh: introduce NFT_TEST_EXCLUDES | 1 | yiche@redhat.com | skipped |
| 2026-02-03 14:55 UTC | netfilter: amanda: fix RCU pointer typing for nf_nat_amanda_hook | 2 | sun.jian.kdev@gmail.com | finished in 1h39m0s |
| 2026-02-03 13:48 UTC | netfilter: nft_counter: Fix reset of counters on 32bit archs | 3 | anders.grahn@gmail.com | finished in 4h10m0s |
| 2026-02-03 08:43 UTC | netfilter: bpf: add missing declaration for bpf_ct_set_nat_info | 1 | sun.jian.kdev@gmail.com | finished in 1h1m0s |
| 2026-02-03 08:01 UTC | netfilter: amanda: fix RCU pointer typing for nf_nat_amanda_hook | 1 | sun.jian.kdev@gmail.com | finished in 1h40m0s |
| 2026-02-03 05:07 UTC | netfilter: nf_tables: fix reset request deadlock | 4 | brianwitte@mailfence.com | finished in 4h4m0s |
| 2026-02-02 16:30 UTC | netfilter: nft_set_rbtree: don't gc elements on insert | 2 | fw@strlen.de | finished in 4h26m0s |
| 2026-02-02 10:14 UTC | iptables: fix null dereference parsing bitwise operations | 1 | one-d-wide@protonmail.com | skipped |
| 2026-02-02 09:40 UTC | doc/netlink: Expand nftables specification | 7 | one-d-wide@protonmail.com | finished in 1h11m0s |
| 2026-02-01 19:52 UTC | netfilter: nf_tables: fix reset request deadlock | 3 | brianwitte@mailfence.com | finished in 3h53m0s |
| 2026-02-01 06:25 UTC | netfilter: nf_tables: use dedicated spinlock for reset operations | 2 | brianwitte@mailfence.com | finished in 3h55m0s |
| 2026-01-30 18:21 UTC | selftests: netfilter: add IPV6_TUNNEL to config | 1 | fw@strlen.de | finished in 1h14m0s |
| 2026-01-30 11:11 UTC | netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentation | 2 | fw@strlen.de | finished in 4h20m0s |
| 2026-01-30 07:22 UTC | netfilter: flowtable: dedicated slab for flow entry | 2 | dqfext@gmail.com | finished in 3h52m0s |
| 2026-01-30 04:43 UTC | netfilter: conntrack: remove __read_mostly from nf_conntrack_generation | 1 | lirongqing@baidu.com | finished in 3h54m0s |
| 2026-01-29 19:57 UTC | tests: shell: Review nft-only/0009-needless-bitwise_0 | 1 | phil@nwl.cc | skipped |
| 2026-01-29 19:56 UTC | ruleparse: arp: Fix for all-zero mask on Big Endian | 2 | phil@nwl.cc | skipped |
| 2026-01-29 17:28 UTC | netfilter: nft_set_rbtree: don't gc elements on insert | 1 | fw@strlen.de | finished in 4h10m0s |
| 2026-01-29 16:33 UTC | tests: shell: add test case for interval set with timeout and aborted transaction | 1 | fw@strlen.de | finished in 1h0m0s |
| 2026-01-29 14:07 UTC | tests: py: Adjust payloads to changed userdata printing | 1 | phil@nwl.cc | skipped |
| 2026-01-29 14:07 UTC | Revert "udata: Store u32 udata values in Big Endian" | 1 | phil@nwl.cc | skipped |
| 2026-01-29 10:54 UTC | netfilter: updates for net-next | 2 | fw@strlen.de | finished in 4h9m0s |
| 2026-01-29 10:12 UTC | netfilter: flowtable: dedicated slab for flow entry | 1 | dqfext@gmail.com | finished in 4h0m0s |
| 2026-01-28 15:41 UTC | netfilter: updates for net-next | 1 | fw@strlen.de | finished in 4h18m0s |
| 2026-01-28 14:52 UTC | configure: Generate BUILD_STAMP at configure time | 1 | phil@nwl.cc | skipped |
| 2026-01-27 19:13 UTC | netfilter: nft_set_hash: fix get operation on big endian | 1 | fw@strlen.de | finished in 4h19m0s |
| 2026-01-27 03:06 UTC | netfilter: nf_tables: use dedicated mutex for reset operations | 1 | brianwitte@mailfence.com | finished in 3h50m0s |
| 2026-01-26 13:49 UTC | netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentation | 1 | fw@strlen.de | skipped |
| 2026-01-23 22:09 UTC | netfilter: nfnetlink_queue: optimize verdict lookup with hash table | 8 | scott.k.mitch1@gmail.com | finished in 4h4m0s |
| 2026-01-23 13:54 UTC | netfilter: nfnetlink_queue: optimize verdict lookup with hash table | 7 | scott.k.mitch1@gmail.com | finished in 4h14m0s |
| 2026-01-23 08:10 UTC | netfilter: xt_time: use is_leap_year() helper | 1 | ruanjinjie@huawei.com | finished in 4h40m0s |
| 2026-01-23 03:03 UTC | mptcp: fix race in mptcp_pm_nl_flush_addrs_doit() | 2 | edumazet@google.com | finished in 48m0s |
| 2026-01-22 17:46 UTC | Add IP6IP6 flowtable SW acceleration | 4 | lorenzo@kernel.org | finished in 4h9m0s |
| 2026-01-22 16:29 UTC | netfilter: updates for net-next | 1 | fw@strlen.de | finished in 3h55m0s |
| 2026-01-22 13:13 UTC | mptcp: fix race in mptcp_pm_nl_flush_addrs_doit() | 1 | edumazet@google.com |
finished
in 4h13m0s
[1 findings] |
| 2026-01-21 18:47 UTC | doc/netlink: Expand nftables specification | 6 | one-d-wide@protonmail.com | finished in 54m0s |
| 2026-01-21 13:39 UTC | monitor: fix memleak in setelem cb | 1 | fw@strlen.de | skipped |
| 2026-01-20 23:11 UTC | selftests: netfilter: avoid RULE_REPLACE error when zeroing rule counters | 1 | aleksey.oladko@virtuozzo.com | finished in 1h6m0s |