| Published | Title | Version | Author | Status |
|---|---|---|---|---|
| 2026-04-17 12:25 UTC | netfilter: xt_policy: fix strict mode inbound policy matching | 1 | n05ec@lzu.edu.cn | finished in 4h9m0s |
| 2026-04-17 10:38 UTC | tests: shell: add fwd to/fwd ip to test cases | 1 | fw@strlen.de | finished in 50m0s |
| 2026-04-16 01:30 UTC | Netfilter/IPVS fixes for net | 1 | pablo@netfilter.org | finished in 1h13m0s |
| 2026-04-15 20:02 UTC | IPVS: fixes after the new hash tables | 1 | ja@ssi.bg | finished in 4h31m0s |
| 2026-04-15 19:18 UTC | netfilter: nf_tables: use list_del_rcu for netlink hooks | 1 | fw@strlen.de | finished in 4h33m0s |
| 2026-04-15 15:57 UTC | extensions: libipt_REJECT: Drop ancient kernel compat hack | 1 | tt.rantala@gmail.com | skipped |
| 2026-04-15 14:40 UTC | ipvs: fix MTU check for GSO packets in tunnel mode | 4 | 342144303@qq.com | finished in 4h41m0s |
| 2026-04-15 11:23 UTC | nnetfilter: nat: use kfree_rcu to release ops | 1 | pablo@netfilter.org | finished in 4h33m0s |
| 2026-04-15 11:12 UTC | netfilter: allow nfnetlink built-in only | 1 | pablo@netfilter.org | finished in 1h39m0s |
| 2026-04-15 10:47 UTC | netfilter: xtables: restrict several matches to ipv4 and ipv6 | 1 | pablo@netfilter.org | finished in 4h37m0s |
| 2026-04-15 03:43 UTC | netfilter: xt_realm: fix null-ptr-deref in realm_mt() | 1 | hxzene@gmail.com | finished in 2h9m0s |
| 2026-04-14 22:14 UTC | netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO | 2 | xmei5@asu.edu | finished in 4h39m0s |
| 2026-04-14 17:13 UTC | netfilter: conntrack: remove sprintf usage | 1 | fw@strlen.de | finished in 2h35m0s |
| 2026-04-14 12:36 UTC | netfilter module-autoload: duplicate request for netfilter module | 1 | zhe.alex.zhao@gmail.com | finished in 58m0s |
| 2026-04-14 11:21 UTC | netfilter: nf_flow_table_ip: Introduce nf_flow_vlan_push() | 2 | ericwouds@gmail.com | finished in 4h17m0s |
| 2026-04-14 11:17 UTC | netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO | 1 | pablo@netfilter.org | finished in 4h8m0s |
| 2026-04-14 11:08 UTC | netfilter: nft_osf: restrict it to ipv6 | 1 | pablo@netfilter.org | finished in 4h23m0s |
| 2026-04-14 10:49 UTC | netfilter: nfnetlink_osf: fix null-ptr-deref in nf_osf_ttl | 2 | hxzene@gmail.com | finished in 4h41m0s |
| 2026-04-14 07:45 UTC | netfilter: nfnetlink_osf: fix null-ptr-deref in nf_osf_ttl | 1 | hxzene@gmail.com | finished in 5h2m0s |
| 2026-04-13 12:37 UTC | netfilter: nf_conncount: make number of hash slots configurable | 1 | deliran@verdict.gg | finished in 1h0m0s |
| 2026-04-13 08:48 UTC | netfilter: nfnetlink_cthelper: fix expect policy update copying only first class values to all classes | 1 | phx0fer@gmail.com | finished in 4h33m0s |
| 2026-04-12 22:28 UTC | netfilter: nft_set_rbtree: fix use count leak on transaction abort | 3 | marko.jevtic@codereflect.io | finished in 4h17m0s |
| 2026-04-11 21:13 UTC | netfilter: nft_set_rbtree: remove dead conditional | 2 | fw@strlen.de | finished in 4h5m0s |
| 2026-04-11 18:57 UTC | netfilter: nfnl_cthelper: apply per-class values when updating policies | 1 | devnexen@gmail.com | finished in 4h5m0s |
| 2026-04-11 12:12 UTC | netfilter: nft_set_pipapo_avx2: restore performance optimization | 2 | fw@strlen.de | finished in 4h27m0s |
| 2026-04-11 11:59 UTC | netfilter: nft_set_rbtree: fix memory leak during insertion | 1 | fw@strlen.de | finished in 4h16m0s |
| 2026-04-10 20:48 UTC | netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO | 1 | xmei5@asu.edu | finished in 4h5m0s |
| 2026-04-10 11:41 UTC | netfilter: nat: switch release of ops to kfree_rcu | 1 | fw@strlen.de | finished in 4h19m0s |
| 2026-04-10 11:23 UTC | netfilter: updates for net-next | 1 | fw@strlen.de | finished in 4h33m0s |
| 2026-04-10 10:13 UTC | netfilter: nf_tables: use RCU-safe list primitives for basechain hook list | 1 | bestswngs@gmail.com | finished in 4h27m0s |
| 2026-04-09 22:34 UTC | [next] netfilter: x_tables: Avoid a couple -Wflex-array-member-not-at-end warnings | 3 | gustavoars@kernel.org | finished in 4h31m0s |
| 2026-04-09 20:28 UTC | [next] netfilter: x_tables: Avoid a couple -Wflex-array-member-not-at-end warnings | 2 | gustavoars@kernel.org | finished in 4h11m0s |
| 2026-04-09 13:07 UTC | improve hw flow offload byte accounting | 1 | daniel@makrotopia.org |
finished
in 1h1m0s
[1 findings] |
| 2026-04-09 11:58 UTC | tests: py: don't use a fixed filename | 1 | fw@strlen.de | skipped |
| 2026-04-09 11:57 UTC | doc: ct count should be restricted via new | 1 | fw@strlen.de | skipped |
| 2026-04-09 11:34 UTC | netfilter: nft_fwd_netdev: check ttl/hl before forwarding | 1 | fw@strlen.de | finished in 4h2m0s |
| 2026-04-09 10:49 UTC | netfilter: nft_fwd_netdev: use recursion counter in neigh egress path | 2 | bestswngs@gmail.com | finished in 4h38m0s |
| 2026-04-09 09:50 UTC | netfilter: nf_conntrack_sip: fix OOB read in epaddr_len and ct_sip_parse_header_uri | 1 | bestswngs@gmail.com | finished in 2h32m0s |
| 2026-04-09 09:20 UTC | netfilter: x_physdev: reject empty or not-nul terminated device names | 1 | fw@strlen.de | finished in 4h24m0s |
| 2026-04-09 05:36 UTC | netfilter: nft_fwd_netdev: use recursion counter in neigh egress path | 1 | bestswngs@gmail.com | finished in 4h22m0s |
| 2026-04-08 21:27 UTC | [next] netfilter: x_tables: Avoid a couple -Wflex-array-member-not-at-end warnings | 1 | gustavoars@kernel.org | finished in 4h52m0s |
| 2026-04-08 16:35 UTC | netfilter updates for net | 1 | fw@strlen.de | finished in 4h22m0s |
| 2026-04-08 11:59 UTC | support for several list and reset commands | 1 | pablo@netfilter.org | skipped |
| 2026-04-08 07:35 UTC | netfilter: arp_tables: fix IEEE1394 ARP payload parsing in arp_packet_match() | 1 | bestswngs@gmail.com | finished in 4h30m0s |
| 2026-04-08 07:02 UTC | netfilter: ipset: concurrent add and dump fixes | 1 | kadlec@netfilter.org |
finished
in 4h26m0s
[8 findings] |
| 2026-04-07 17:06 UTC | netfilter: nfnetlink_queue: make hash table per queue | 1 | fw@strlen.de | finished in 4h26m0s |
| 2026-04-07 14:15 UTC | netfilter: updates for net-next | 1 | fw@strlen.de | finished in 4h46m0s |
| 2026-04-06 21:18 UTC | selftests: nft_queue.sh: add a parallel stress test | 1 | fmancera@suse.de | finished in 1h6m0s |
| 2026-04-04 10:12 UTC | netfilter: xt_socket: enable defrag after all other checks | 1 | fw@strlen.de | finished in 4h12m0s |
| 2026-04-04 10:09 UTC | netfilter: nfnetlink: prefer skb_mac_header helpers | 2 | fw@strlen.de | finished in 3h56m0s |
| 2026-04-03 20:59 UTC | netfilter: xt_HL: add pr_fmt and checkentry validation | 3 | marino.dzalto@gmail.com | finished in 4h40m0s |
| 2026-04-03 20:03 UTC | netfilter: xt_HL: add pr_fmt, drop NULL checks, add checkentry validation | 2 | marino.dzalto@gmail.com | finished in 4h22m0s |
| 2026-04-03 19:39 UTC | netfilter: xt_HL: add pr_fmt, default case and NULL checks | 1 | marino.dzalto@gmail.com |
finished
in 1h9m0s
[1 findings] |
| 2026-04-03 18:53 UTC | netfilter: xt_dscp: replace -EDOM with -EINVAL and unify match functions | 1 | marino.dzalto@gmail.com | finished in 4h32m0s |
| 2026-04-03 15:52 UTC | netfilter: xt_multiport: validate range encoding in checkentry | 4 | n05ec@lzu.edu.cn | finished in 4h20m0s |
| 2026-04-02 18:43 UTC | A bit of non-constant binop follow-up | 1 | phil@nwl.cc | skipped |
| 2026-04-02 18:21 UTC | netfilter: xt_multiport: validate range encoding in checkentry | 3 | n05ec@lzu.edu.cn | finished in 4h34m0s |
| 2026-04-02 17:34 UTC | netfilter: xt_multiport: validate range encoding in checkentry | 2 | n05ec@lzu.edu.cn | finished in 4h18m0s |
| 2026-04-02 14:52 UTC | arptables: Warn when ignoring '-p' option | 1 | phil@nwl.cc | skipped |
| 2026-04-02 14:46 UTC | ipvs: fix MTU check for GSO packets in tunnel mode | 3 | 342144303@qq.com | finished in 4h21m0s |
| 2026-04-02 12:09 UTC | ipvs: fix MTU check for GSO packets in tunnel mode | 2 | 342144303@qq.com |
finished
in 1h15m0s
[1 findings] |
| 2026-04-01 21:20 UTC | netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator | 2 | xmei5@asu.edu | finished in 4h16m0s |
| 2026-04-01 19:57 UTC | netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator | 1 | xmei5@asu.edu | finished in 4h28m0s |
| 2026-04-01 15:38 UTC | ipvs: fix MTU check for GSO packets in tunnel mode | 1 | 342144303@qq.com | finished in 4h32m0s |
| 2026-04-01 11:02 UTC | netfilter: nft_set_pipapo_avx2: restore performance optimization | 1 | fw@strlen.de | finished in 4h36m0s |
| 2026-04-01 10:36 UTC | Netfilter fixes for net | 1 | pablo@netfilter.org | finished in 4h32m0s |
| 2026-04-01 07:58 UTC | ipvs: fix NULL deref in ip_vs_add_service error path | 2 | bestswngs@gmail.com | finished in 4h54m0s |
| 2026-04-01 07:44 UTC | Deprecate Legacy IP | 1 | dwmw2@infradead.org |
finished
in 3h0m0s
[1 findings] |
| 2026-04-01 04:16 UTC | ipvs: fix NULL deref in ip_vs_add_service error path | 1 | bestswngs@gmail.com | finished in 4h32m0s |
| 2026-03-31 21:41 UTC | netfilter: nf_tables: reject immediate NF_QUEUE verdict | 1 | pablo@netfilter.org | finished in 4h17m0s |
| 2026-03-31 21:13 UTC | netfilter: x_tables: ensure names are nul-terminated | 2 | fw@strlen.de | finished in 4h48m0s |
| 2026-03-31 15:01 UTC | netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP | 1 | pablo@netfilter.org | finished in 4h38m0s |
| 2026-03-31 07:34 UTC | netfilter: ip6t_eui64: validate MAC header before using it | 1 | n05ec@lzu.edu.cn | finished in 2h38m0s |
| 2026-03-31 06:17 UTC | netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent | 2 | tpluszz77@gmail.com | finished in 4h8m0s |
| 2026-03-31 06:14 UTC | netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent | 2 | tpluszz77@gmail.com | finished in 4h16m0s |
| 2026-03-30 21:39 UTC | netfilter: ipset: drop logically empty buckets in mtype_del | 1 | yuantan098@gmail.com | finished in 4h20m0s |
| 2026-03-30 15:10 UTC | netfilter: ctnetlink: restrict expectfn to helper | 1 | pablo@netfilter.org | finished in 4h23m0s |
| 2026-03-30 12:16 UTC | netfilter: ipset: use nla_strcmp for IPSET_ATTR_NAME attr | 1 | fw@strlen.de | finished in 4h27m0s |
| 2026-03-30 11:40 UTC | netfilter: ctnetlink: disallow explicit helper on new expectations | 1 | pablo@netfilter.org | finished in 4h10m0s |
| 2026-03-30 11:35 UTC | selftests: netfilter: conntrack_sctp_collision.sh: Introduce SCTP INIT collision test | 1 | yiche@redhat.com | finished in 1h20m0s |
| 2026-03-30 09:04 UTC | netfilter: nf_tables_offload: add nft_flow_action_entry_next() and use it | 1 | pablo@netfilter.org | finished in 4h38m0s |
| 2026-03-30 09:01 UTC | netfilter: nf_tables_offload: add nft_flow_action_entry_next() and use it | 1 | pablo@netfilter.org | finished in 4h43m0s |
| 2026-03-29 16:52 UTC | netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent | 1 | tpluszz77@gmail.com | finished in 4h21m0s |
| 2026-03-29 16:51 UTC | netfilter: ctnetlink: validate expect class against master helper | 1 | tpluszz77@gmail.com | finished in 4h15m0s |
| 2026-03-29 16:50 UTC | netfilter: nf_conntrack_helper: pass helper to expect cleanup | 1 | tpluszz77@gmail.com | finished in 4h27m0s |
| 2026-03-29 13:40 UTC | netfilter: x_tables: ensure names are nul-terminated | 1 | fw@strlen.de | finished in 4h22m0s |
| 2026-03-28 19:42 UTC | netfilter: nft_compat: tighten the nft_compat interface | 1 | fw@strlen.de | finished in 4h15m0s |
| 2026-03-28 14:51 UTC | netfilter: xt_multiport: reject trailing range markers | 2 | n05ec@lzu.edu.cn | finished in 4h8m0s |
| 2026-03-26 20:18 UTC | netfilter: nf_conntrack_h323: Correct indentation when H323_TRACE defined | 1 | david.laight.linux@gmail.com | finished in 1h22m0s |
| 2026-03-26 20:09 UTC | netfilter: flowtable: strictly check for maximum number of actions | 1 | pablo@netfilter.org | finished in 4h24m0s |
| 2026-03-26 15:17 UTC | netfilter: nfnetlink_log: account for netlink header size | 1 | fw@strlen.de | finished in 4h25m0s |
| 2026-03-26 14:42 UTC | netfilter: Kconfig: make NF_FLOW_TABLE_INET depend on NF_TABLES_INET | 1 | fmancera@suse.de | finished in 1h57m0s |
| 2026-03-25 16:41 UTC | netfilter: nf_tables: reject requests exceeding NF_FLOW_RULE_ACTION_MAX actions | 1 | fw@strlen.de | finished in 4h19m0s |
| 2026-03-25 13:10 UTC | netfilter: updates for net | 1 | fw@strlen.de | finished in 4h23m0s |
| 2026-03-24 20:40 UTC | Update (DSA) netdev stats with offloaded flows | 2 | anzaki@gmail.com | finished in 4h39m0s |
| 2026-03-24 15:18 UTC | ipvs: Fix incorrect use of HK_TYPE_KTHREAD housekeeping cpumask | 1 | longman@redhat.com | finished in 4h34m0s |
| 2026-03-23 19:41 UTC | include: fix NLA type comments for log attributes | 1 | roedlrudi@gmail.com | skipped |
| 2026-03-23 16:25 UTC | IPVS changes, part 4 of 4 - extras | 1 | ja@ssi.bg | finished in 4h37m0s |
| 2026-03-23 08:56 UTC | netfilter: osf: add deprecation notices | 1 | fw@strlen.de | finished in 4h29m0s |
| 2026-03-23 08:07 UTC | netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp | 1 | bestswngs@gmail.com | finished in 2h1m0s |