| Published | Title | Version | Author | Status |
|---|---|---|---|---|
| 2026-06-01 09:50 UTC | netfilter: bridge: ebt_redirect: don't assume bridge port exists | 1 | fw@strlen.de | finished in 2h52m0s |
| 2026-05-31 15:50 UTC | Add IPv4 over IPv6 and SIT flowtable SW acceleration | 3 | lorenzo@kernel.org | finished in 3h56m0s |
| 2026-05-28 22:34 UTC | netfilter: TCPMSS: fix dropped packets when MSS option is unaligned | 2 | kacper.kokot.44@gmail.com | finished in 1h16m0s |
| 2026-05-28 15:28 UTC | netfilter: nft_payload: validate offset for all csum_type paths | 2 | 25esihoya@gmail.com | finished in 1h6m0s |
| 2026-05-28 15:28 UTC | netfilter: nft_payload: validate offset for all csum_type paths | 2 | 25esihoya@gmail.com | finished in 1h6m0s |
| 2026-05-28 13:39 UTC | netfilter: nft_payload: move offset bounds check outside csum condition | 1 | 25esihoya@gmail.com | finished in 1h4m0s |
| 2026-05-28 11:09 UTC | netfilter: nft_ct: bail out on template ct in get eval | 2 | jiayuan.chen@linux.dev | finished in 4h51m0s |
| 2026-05-28 07:21 UTC | netfilter: ipvs: fix ct refcount leak when template is invalid | 1 | vulab@iscas.ac.cn |
finished
in 4h49m0s
[1 findings] |
| 2026-05-28 07:08 UTC | netfilter: flowtable: fix offloaded ct timeout never being extended | 2 | adibente@gmail.com | finished in 4h28m0s |
| 2026-05-28 04:26 UTC | netfilter: nft_ct: fix OOB in NFT_CT_SRC/DST eval | 1 | jiayuan.chen@linux.dev | finished in 5h3m0s |
| 2026-05-27 13:57 UTC | netfilter: nft_tunnel: fix use-after-free on object destroy | 1 | tristmd@gmail.com | finished in 1h43m0s |
| 2026-05-27 10:20 UTC | netfilter: conntrack_irc: fix possible out-of-bounds read | 1 | fw@strlen.de | finished in 2h14m0s |
| 2026-05-27 08:18 UTC | ipvs: Replace use of system_unbound_wq with system_dfl_long_wq | 3 | marco.crivellari@suse.com | finished in 1h24m0s |
| 2026-05-27 07:41 UTC | examples: rtnl: fix rtnl-link-dump* extra header | 1 | jonas.gorski@gmail.com | skipped |
| 2026-05-26 16:40 UTC | add refcount to ct timeout/helper | 1 | pablo@netfilter.org | finished in 4h27m0s |
| 2026-05-26 15:37 UTC | bpf: add icmp_send kfunc | 7 | mahe.tardy@gmail.com | finished in 4h47m0s |
| 2026-05-26 06:01 UTC | netfilter: flowtable: fix offloaded ct timeout never being extended | 1 | adibente@gmail.com | finished in 4h2m0s |
| 2026-05-26 03:21 UTC | bridge: br_netfilter: move fake rtable off struct net_bridge | 2 | n05ec@lzu.edu.cn | finished in 4h9m0s |
| 2026-05-26 02:02 UTC | netfilter: nft_fib_ipv6: bail out of sibling walk if rt got unlinked | 1 | jiayuan.chen@linux.dev | finished in 4h31m0s |
| 2026-05-25 21:58 UTC | netfilter: nf_conntrack: use get_unaligned_be32() in tcp_sack() | 1 | rosenp@gmail.com | finished in 3h56m0s |
| 2026-05-25 20:11 UTC | netfilter: TCPMSS: fix dropped packets when MSS option is unaligned | 1 | kacper.kokot.44@gmail.com | finished in 4h9m0s |
| 2026-05-25 18:29 UTC | netfilter: updates for net-next | 1 | fw@strlen.de | finished in 4h8m0s |
| 2026-05-25 16:24 UTC | netfilter: flowtable: resolve LAG slave for direct HW offload | 1 | hurryman2212@gmail.com | finished in 4h45m0s |
| 2026-05-25 15:35 UTC | netfilter: nfnetlink_osf: fix mss parsing on big-endian architectures | 1 | fmancera@suse.de | finished in 1h3m0s |
| 2026-05-25 04:07 UTC | ipvs: clear the svc scheduler ptr early on edit | 1 | ja@ssi.bg | finished in 4h1m0s |
| 2026-05-25 03:54 UTC | ipvs: add conn_max sysctl to limit connections | 3 | ja@ssi.bg | finished in 4h4m0s |
| 2026-05-23 17:27 UTC | ipvs: add conn_max sysctl to limit connections | 2 | ja@ssi.bg | finished in 4h7m0s |
| 2026-05-23 15:26 UTC | netfilter: flowtable: avoid num_encaps underflow on bridge VLAN untag | 1 | devnexen@gmail.com | finished in 1h42m0s |
| 2026-05-23 13:15 UTC | netfilter: ipset fixes, second batch | 1 | kadlec@netfilter.org | finished in 4h9m0s |
| 2026-05-22 10:55 UTC | ipvs: add conn_max sysctl to limit connections | 1 | ja@ssi.bg | finished in 4h26m0s |
| 2026-05-22 10:47 UTC | netfilter: xt_NFQUEUE: prefer raw_smp_processor_id | 1 | fmancera@suse.de | finished in 4h26m0s |
| 2026-05-22 10:42 UTC | netfilter: updates for net | 1 | fw@strlen.de | finished in 4h42m0s |
| 2026-05-22 05:01 UTC | netfilter: conntrack: remove some code | 1 | fw@strlen.de |
finished
in 47m0s
[1 findings] |
| 2026-05-21 20:11 UTC | netfilter: add option for GCOV profiling | 3 | fw@strlen.de | finished in 1h38m0s |
| 2026-05-21 08:18 UTC | tests: shell: add stateless nat test case | 1 | fw@strlen.de | finished in 1h15m0s |
| 2026-05-20 08:01 UTC | netfilter: ebtables: fix OOB read in compat_mtw_from_user | 1 | fw@strlen.de | finished in 4h58m0s |
| 2026-05-20 02:34 UTC | netfilter: nft_fib_ipv6: handle routes via external nexthop | 2 | jiayuan.chen@linux.dev | finished in 4h25m0s |
| 2026-05-19 21:38 UTC | netfilter: nfnetlink_cthelper: use {READ,WRITE}_ONCE for accessing helper flags | 1 | pablo@netfilter.org |
finished
in 4h26m0s
[1 findings] |
| 2026-05-19 21:23 UTC | netfilter: nf_conntrack_irc: fix parse_dcc() off-by-one OOB read | 1 | meatuni001@gmail.com | finished in 1h40m0s |
| 2026-05-19 19:36 UTC | netfilter: synproxy: refresh tcphdr after skb_ensure_writable | 1 | clm@meta.com | finished in 4h5m0s |
| 2026-05-19 18:34 UTC | netfilter: xt_cpu: prefer raw_smp_processor_id | 1 | fw@strlen.de | finished in 4h54m0s |
| 2026-05-19 08:21 UTC | netfilter: nf_conntrack_gre: fix gre keymap list corruption | 2 | fw@strlen.de | finished in 4h23m0s |
| 2026-05-19 04:14 UTC | netfilter: nft_fib_ipv6: handle routes via external nexthop | 1 | jiayuan.chen@linux.dev | finished in 4h10m0s |
| 2026-05-19 01:55 UTC | ipvs: Use flexible array for MH lookup table | 1 | rosenp@gmail.com | finished in 2h4m0s |
| 2026-05-17 23:49 UTC | xfrm: validate IPv4 header length before output transforms | 1 | michael.bommarito@gmail.com | finished in 4h1m0s |
| 2026-05-17 14:50 UTC | netfilter: ipset: preserve comment lifetime across resize and gc expiry | 2 | n05ec@lzu.edu.cn | finished in 4h9m0s |
| 2026-05-17 11:37 UTC | netfilter: nf_dup: preserve socket ownership on egress duplicates | 1 | n05ec@lzu.edu.cn | finished in 2h18m0s |
| 2026-05-16 15:23 UTC | netfilter: disable payload mangling in userns | 1 | tpluszz77@gmail.com | finished in 4h1m0s |
| 2026-05-16 11:56 UTC | Netfilter/IPVS fixes for net | 1 | pablo@netfilter.org | finished in 4h2m0s |
| 2026-05-15 13:51 UTC | net: Replace system_unbound_wq with system_dfl_wq | 2 | marco.crivellari@suse.com | finished in 1h59m0s |
| 2026-05-15 10:34 UTC | netfilter: nf_conntrack_gre: fix gre keymap list corruption | 1 | fw@strlen.de | finished in 4h38m0s |
| 2026-05-15 03:19 UTC | netfilter: nf_queue: hold bridge skb->dev while queued | 2 | n05ec@lzu.edu.cn | finished in 4h18m0s |
| 2026-05-14 14:46 UTC | net: neigh: Reallocate headroom if necessary in neigh_hh_bridge() | 4 | lorenzo@kernel.org | finished in 4h32m0s |
| 2026-05-14 14:16 UTC | netfilter: nf_conncount: prevent connlimit drops for early confirmed ct | 2 | fmancera@suse.de | finished in 4h24m0s |
| 2026-05-14 08:55 UTC | netfilter: ipset fixes | 7 | kadlec@netfilter.org |
finished
in 4h50m0s
[3 findings] |
| 2026-05-14 04:05 UTC | netfilter: xt_IDLETIMER: scope timer reuse to the owning netns | 1 | n05ec@lzu.edu.cn | finished in 4h29m0s |
| 2026-05-14 03:48 UTC | bridge: br_netfilter: give fake rtable its own lifetime | 1 | n05ec@lzu.edu.cn | finished in 4h38m0s |
| 2026-05-13 16:40 UTC | net: neigh: Reallocate headroom if necessary in neigh_hh_bridge() | 3 | lorenzo@kernel.org | finished in 4h30m0s |
| 2026-05-13 12:15 UTC | netfilter: nf_conncount: prevent connlimit drops for early confirmed ct | 1 | fmancera@suse.de | finished in 4h33m0s |
| 2026-05-13 07:57 UTC | netfilter: ip6t_hbh: reject oversized option lists | 1 | n05ec@lzu.edu.cn | finished in 4h58m0s |
| 2026-05-13 05:54 UTC | netfilter: ipset: fix comment extension lifetime during hash resize | 1 | n05ec@lzu.edu.cn | finished in 4h52m0s |
| 2026-05-12 22:44 UTC | netfilter: nf_queue: hold reference on skb->dev | 1 | pablo@netfilter.org | finished in 4h36m0s |
| 2026-05-12 21:55 UTC | netfilter: nf_conntrack_proto_tcp: fix typos in comments | 1 | avinash.duduskar@gmail.com | finished in 1h32m0s |
| 2026-05-12 20:58 UTC | netfilter: conntrack: add dead flag to helpers | 1 | pablo@netfilter.org | finished in 5h9m0s |
| 2026-05-12 20:51 UTC | ipv4: harden against ihl < 5 IP_HDRINCL packets | 1 | michael.bommarito@gmail.com | finished in 4h34m0s |
| 2026-05-12 18:29 UTC | netfilter: add option for GCOV profiling | 2 | fw@strlen.de | finished in 2h2m0s |
| 2026-05-12 13:36 UTC | netfilter: nft_byteorder: remove multi-register support | 3 | fw@strlen.de | finished in 5h32m0s |
| 2026-05-12 10:34 UTC | selftests: netfilter: Add bridge_fastpath.sh | 5 | ericwouds@gmail.com | finished in 2h9m0s |
| 2026-05-12 10:33 UTC | conntrack: bridge: add double vlan, pppoe and pppoe-in-q | 20 | ericwouds@gmail.com | finished in 4h38m0s |
| 2026-05-12 09:30 UTC | netfilter: nft_inner: release local_lock before re-enabling softirqs | 1 | fw@strlen.de | finished in 4h29m0s |
| 2026-05-12 07:57 UTC | netfilter: nf_queue: hold bridge skb->dev while queued | 1 | n05ec@lzu.edu.cn | finished in 4h33m0s |
| 2026-05-11 20:06 UTC | cache: honor -c/--check for reset commands | 1 | pablo@netfilter.org | skipped |
| 2026-05-11 17:30 UTC | netfilter: nft_inner: Fix IPv6 inner_thoff desync | 2 | zhaoyz24@mails.tsinghua.edu.cn | finished in 5h16m0s |
| 2026-05-11 15:57 UTC | net: neigh: Reallocate headroom if necessary in neigh_hh_bridge() | 2 | lorenzo@kernel.org | finished in 4h27m0s |
| 2026-05-11 14:43 UTC | netfilter: conntrack: tcp: do not force CLOSE on invalid-seq RST without direction check | 1 | hamzamahfooz@linux.microsoft.com | finished in 4h42m0s |
| 2026-05-11 14:37 UTC | netfilter: nf_tables: fix dst corruption in same register operation | 4 | fmancera@suse.de | finished in 4h44m0s |
| 2026-05-11 13:47 UTC | net: Replace system_unbound_wq with system_dfl_wq | 1 | marco.crivellari@suse.com | finished in 1h51m0s |
| 2026-05-11 13:37 UTC | netfilter: nft_inner: Fix IPv6 inner_thoff desync | 2 | zhaoyz24@mails.tsinghua.edu.cn | finished in 4h48m0s |
| 2026-05-10 13:19 UTC | netfilter: nft_inner: Fix IPv6 inner_thoff desync | 1 | zhaoyz24@mails.tsinghua.edu.cn | finished in 4h8m0s |
| 2026-05-10 10:46 UTC | ipvs: avoid possible loop in ip_vs_dst_event on resizing | 3 | ja@ssi.bg | finished in 4h7m0s |
| 2026-05-09 22:01 UTC | tests: cli-test.sh: improve logging for CI pipelines | 1 | fw@strlen.de | skipped |
| 2026-05-09 22:00 UTC | tests: bulk-load-stress.sh: return early if ct_max is reached | 1 | fw@strlen.de | skipped |
| 2026-05-09 08:27 UTC | netfilter: nf_conntrack_helper: fix possible null deref during error log | 1 | fw@strlen.de | finished in 4h8m0s |
| 2026-05-08 20:58 UTC | netfilter: ipset fixes | 6 | kadlec@netfilter.org | finished in 4h9m0s |
| 2026-05-08 11:25 UTC | net: neigh: Reallocate headroom if necessary in neigh_hh_bridge() | 1 | lorenzo@kernel.org | finished in 4h2m0s |
| 2026-05-08 11:15 UTC | scanner: Accept all statements' first words in all scopes | 2 | phil@nwl.cc | skipped |
| 2026-05-07 23:44 UTC | Netfilter fixes for net | 1 | pablo@netfilter.org | finished in 4h27m0s |
| 2026-05-07 20:38 UTC | scanner: Accept all statements' first words in all scopes | 1 | phil@nwl.cc | skipped |
| 2026-05-07 19:23 UTC | ipvs: avoid possible loop in ip_vs_dst_event on resizing | 2 | ja@ssi.bg | finished in 4h48m0s |
| 2026-05-07 13:44 UTC | netfilter: fix expectation reference leaks | 2 | lixiasong1@huawei.com | finished in 5h8m0s |
| 2026-05-07 09:34 UTC | netfilter: add option for GCOV profiling | 1 | fw@strlen.de | finished in 1h32m0s |
| 2026-05-06 18:44 UTC | ipvs: avoid possible loop in ip_vs_dst_event on resizing | 1 | ja@ssi.bg | finished in 5h12m0s |
| 2026-05-06 17:27 UTC | Add IPv4 over IPv6 and SIT flowtable SW acceleration | 2 | lorenzo@kernel.org | finished in 4h33m0s |
| 2026-05-06 12:06 UTC | netfilter: fix nf_ct_expect_alloc() reference leaks | 1 | lixiasong1@huawei.com | finished in 4h43m0s |
| 2026-05-06 10:07 UTC | netfilter: xtables: fix module load and teardown races | 3 | fw@strlen.de | finished in 5h29m0s |
| 2026-05-05 14:49 UTC | Add IPv4 over IPv6 flowtable SW acceleration | 1 | lorenzo@kernel.org | finished in 4h59m0s |
| 2026-05-05 11:42 UTC | netfilter: nf_conntrack_expect: restore helper propagation via expectation | 1 | pablo@netfilter.org | finished in 4h19m0s |
| 2026-05-05 10:37 UTC | tests: shell: also test byte-based rate limiting | 1 | fw@strlen.de | skipped |
| 2026-05-05 10:37 UTC | scanner: enable verdicts in rate scope too | 1 | fw@strlen.de | skipped |
| 2026-05-05 05:11 UTC | netfilter: ctnetlink: use nf_ct_exp_net() in expectation dump | 1 | pratham36gupta@gmail.com | finished in 4h14m0s |