| Published | Title | Version | Author | Status |
|---|---|---|---|---|
| 2026-03-30 09:01 UTC | netfilter: nf_tables_offload: add nft_flow_action_entry_next() and use it | 1 | pablo@netfilter.org | finished in 4h43m0s |
| 2026-03-29 16:52 UTC | netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent | 1 | tpluszz77@gmail.com | finished in 4h21m0s |
| 2026-03-29 16:51 UTC | netfilter: ctnetlink: validate expect class against master helper | 1 | tpluszz77@gmail.com | finished in 4h15m0s |
| 2026-03-29 16:50 UTC | netfilter: nf_conntrack_helper: pass helper to expect cleanup | 1 | tpluszz77@gmail.com | finished in 4h27m0s |
| 2026-03-28 14:51 UTC | netfilter: xt_multiport: reject trailing range markers | 2 | n05ec@lzu.edu.cn | finished in 4h8m0s |
| 2026-03-26 20:18 UTC | netfilter: nf_conntrack_h323: Correct indentation when H323_TRACE defined | 1 | david.laight.linux@gmail.com | finished in 1h22m0s |
| 2026-03-26 20:09 UTC | netfilter: flowtable: strictly check for maximum number of actions | 1 | pablo@netfilter.org | finished in 4h24m0s |
| 2026-03-26 14:42 UTC | netfilter: Kconfig: make NF_FLOW_TABLE_INET depend on NF_TABLES_INET | 1 | fmancera@suse.de | finished in 1h57m0s |
| 2026-03-25 13:10 UTC | netfilter: updates for net | 1 | fw@strlen.de | finished in 4h23m0s |
| 2026-03-24 20:40 UTC | Update (DSA) netdev stats with offloaded flows | 2 | anzaki@gmail.com | finished in 4h39m0s |
| 2026-03-24 17:12 UTC | netfilter: ctnetlink: use netlink policy range checks | 1 | devnexen@gmail.com | finished in 4h20m0s |
| 2026-03-24 16:30 UTC | netfilter: conntrack: clamp TCP window scale to TCP_MAX_WSCALE via ctnetlink | 1 | devnexen@gmail.com | finished in 4h25m0s |
| 2026-03-24 15:18 UTC | ipvs: Fix incorrect use of HK_TYPE_KTHREAD housekeeping cpumask | 1 | longman@redhat.com | finished in 4h34m0s |
| 2026-03-23 19:41 UTC | include: fix NLA type comments for log attributes | 1 | roedlrudi@gmail.com | skipped |
| 2026-03-23 16:25 UTC | IPVS changes, part 4 of 4 - extras | 1 | ja@ssi.bg | finished in 4h37m0s |
| 2026-03-23 08:07 UTC | netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp | 1 | bestswngs@gmail.com | finished in 2h1m0s |
| 2026-03-20 15:19 UTC | netfilter: nfnetlink_hook: Dump nat type chains | 2 | phil@nwl.cc | finished in 4h26m0s |
| 2026-03-20 15:16 UTC | mnl: Fix ordering of hooks in 'list hooks' output | 1 | phil@nwl.cc | skipped |
| 2026-03-20 12:59 UTC | conntrack expectation fixes | 1 | pablo@netfilter.org |
finished
in 57m0s
[1 findings] |
| 2026-03-20 11:40 UTC | netfilter: ipset: Fix data race between add and list header | 1 | kadlec@netfilter.org | finished in 4h39m0s |
| 2026-03-20 09:43 UTC | net: airoha: add RCU lock around dev_fill_forward_path | 2 | dqfext@gmail.com | finished in 1h13m0s |
| 2026-03-19 13:32 UTC | parser: Support table spec in 'list chains' command | 1 | phil@nwl.cc | skipped |
| 2026-03-19 13:32 UTC | segtree: Fix for variable-sized object may not be initialized | 1 | phil@nwl.cc | skipped |
| 2026-03-19 11:44 UTC | tunnel: check kernel does not provide too large geneve data | 1 | pablo@netfilter.org | skipped |
| 2026-03-19 09:38 UTC | netfilter: updates for net | 1 | fw@strlen.de | finished in 4h11m0s |
| 2026-03-19 09:06 UTC | set{,_elem}: Drop nftnl_set{,_elem}_clone() | 1 | phil@nwl.cc | skipped |
| 2026-03-19 03:26 UTC | net: airoha: add RCU lock around dev_fill_forward_path | 1 | dqfext@gmail.com | finished in 1h12m0s |
| 2026-03-17 23:48 UTC | Update netdev stats with offloaded flows | 1 | anzaki@gmail.com | finished in 4h3m0s |
| 2026-03-17 17:59 UTC | netfilter: nf_tables: release flowtable after rcu grace period on error | 1 | pablo@netfilter.org | finished in 4h0m0s |
| 2026-03-17 14:00 UTC | ipvs: Move defense_work to system_dfl_long_wq | 1 | iluceno@suse.de |
finished
in 1h11m0s
[1 findings] |
| 2026-03-17 11:03 UTC | bridge: No DEV_PATH_BR_VLAN_UNTAG_HW for dsa foreign | 12 | ericwouds@gmail.com | finished in 4h23m0s |
| 2026-03-17 10:17 UTC | bridge: Introduce DEV_PATH_BR_VLAN_KEEP_HW | 12 | ericwouds@gmail.com | skipped |
| 2026-03-17 10:15 UTC | netfilter: nft_flow_offload: Add DEV_PATH_MTK_WDMA to nft_dev_path_info() | 12 | ericwouds@gmail.com | finished in 2h3m0s |
| 2026-03-15 17:06 UTC | netfilter: add missing kernel-doc parameters for nf_hook() | 2 | xaum.io@gmail.com | finished in 4h30m0s |
| 2026-03-13 20:13 UTC | netfilter: nf_nat_sip: validate exp->dir in nf_nat_sip_expected() | 1 | qguanni@gmail.com | finished in 1h52m0s |
| 2026-03-13 19:52 UTC | netfilter: nf_conntrack_sip: add bounds-checked port parsing helper | 2 | qguanni@gmail.com | finished in 1h0m0s |
| 2026-03-13 18:01 UTC | netfilter: ipset: harden payload calculation in call_ad() | 1 | davidbaum461@gmail.com | finished in 4h25m0s |
| 2026-03-13 15:32 UTC | netfilter: nfnetlink_hook: Dump nat type chains | 1 | phil@nwl.cc | finished in 4h14m0s |
| 2026-03-13 15:06 UTC | netfilter: updates for net | 1 | fw@strlen.de | finished in 4h14m0s |
| 2026-03-13 10:44 UTC | Revert "tests: py: use `os.unshare` Python function" | 1 | phil@nwl.cc | skipped |
| 2026-03-12 22:31 UTC | netfilter: conntrack: expose gc_scan_interval_max via sysctl | 2 | panchamukhi@arista.com | finished in 4h12m0s |
| 2026-03-12 14:59 UTC | netfilter: xt_time: use unsigned int for monthday bit shift | 1 | qguanni@gmail.com | finished in 1h8m0s |
| 2026-03-12 14:55 UTC | netfilter: nf_conntrack_sip: fix OOB read in SIP URI port parsing | 1 | qguanni@gmail.com | finished in 58m0s |
| 2026-03-12 14:49 UTC | netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() | 1 | qguanni@gmail.com | finished in 2h2m0s |
| 2026-03-12 14:42 UTC | netfilter: ctnetlink: validate CTA_EXPECT_NAT_DIR value | 1 | qguanni@gmail.com | finished in 50m0s |
| 2026-03-12 12:48 UTC | netfilter: nft_ct: drop pending enqueued packets on removal | 1 | pablo@netfilter.org | finished in 4h19m0s |
| 2026-03-12 10:11 UTC | nf_tables: nft_dynset: fix possible stateful expression memleak in error path | 1 | pablo@netfilter.org | finished in 4h10m0s |
| 2026-03-12 01:14 UTC | netfilter: nft_set_rbtree: revisit array resize logic | 1 | pablo@netfilter.org | skipped |
| 2026-03-11 19:40 UTC | netfilter: conntrack: expose gc_scan_interval_max via sysctl | 1 | panchamukhi@arista.com | finished in 4h4m0s |
| 2026-03-11 19:33 UTC | cache: Fix for multiple commands in a single batch | 1 | phil@nwl.cc | skipped |
| 2026-03-11 15:29 UTC | netfilter: revert nft_set_rbtree: validate open interval overlap | 1 | fw@strlen.de | finished in 4h1m0s |
| 2026-03-11 09:58 UTC | netfilter: nft_meta: add double-tagged vlan and pppoe support | 1 | pablo@netfilter.org | finished in 4h3m0s |
| 2026-03-10 23:11 UTC | Enhance cache filter for list commands | 1 | phil@nwl.cc | skipped |
| 2026-03-10 14:39 UTC | netfilter: nf_flow_table_ip: reset mac header before vlan push | 1 | ericwouds@gmail.com | finished in 4h12m0s |
| 2026-03-10 13:20 UTC | netfilter: updates for net | 2 | fw@strlen.de | finished in 4h6m0s |
| 2026-03-09 21:08 UTC | netfilter: updates for net | 1 | fw@strlen.de | finished in 4h3m0s |
| 2026-03-09 20:29 UTC | netfilter: nf_tables: Fix typo in enum description | 1 | jelle@vdwaa.nl | finished in 1h3m0s |
| 2026-03-08 11:25 UTC | netfilter: xtables: fix possible off-by-one when accessing TCP/DCCP options | 1 | pablo@netfilter.org | finished in 4h2m0s |
| 2026-03-07 17:24 UTC | netfilter: nfnetlink_queue: fix entry leak in bridge verdict error path | 1 | imv4bel@gmail.com | finished in 3h58m0s |
| 2026-03-07 17:23 UTC | netfilter: nfnetlink_cthelper: fix OOB read in nfnl_cthelper_dump_table() | 1 | imv4bel@gmail.com | finished in 4h4m0s |
| 2026-03-07 17:23 UTC | netfilter: nf_flow_table_offload: fix heap overflow in flow_action_entry_next() | 1 | imv4bel@gmail.com | finished in 4h7m0s |
| 2026-03-07 17:22 UTC | netfilter: nf_conntrack_sctp: validate state value in nlattr_to_sctp() | 1 | imv4bel@gmail.com | finished in 4h13m0s |
| 2026-03-07 17:22 UTC | netfilter: ctnetlink: validate CTA_EXPECT_NAT_DIR to prevent OOB access | 1 | imv4bel@gmail.com | finished in 3h56m0s |
| 2026-03-07 17:21 UTC | netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() | 1 | imv4bel@gmail.com | finished in 3h59m0s |
| 2026-03-07 17:21 UTC | netfilter: ctnetlink: fix use-after-free of exp->master in single expectation GET | 1 | imv4bel@gmail.com | finished in 4h8m0s |
| 2026-03-07 17:20 UTC | netfilter: ctnetlink: fix use-after-free of exp->master in expectation dump | 1 | imv4bel@gmail.com | finished in 4h4m0s |
| 2026-03-06 19:12 UTC | netfilter: nft_set_pipapo: fix stack out-of-bounds read in pipapo_drop() | 2 | qguanni@gmail.com | finished in 4h5m0s |
| 2026-03-06 12:36 UTC | netfilter: nft_set_rbtree: allocate same array size on updates | 1 | pablo@netfilter.org |
finished
in 4h6m0s
[1 findings] |
| 2026-03-06 08:08 UTC | netfilter: nft_set_pipapo: fix stack out-of-bounds read in pipapo_drop() | 1 | qguanni@gmail.com | finished in 4h23m0s |
| 2026-03-05 12:26 UTC | netfilter: updates for net | 2 | fw@strlen.de | finished in 4h3m0s |
| 2026-03-05 12:01 UTC | netfilter: nf_tables: Fix for duplicate device in netdev hooks | 1 | phil@nwl.cc | finished in 4h13m0s |
| 2026-03-05 00:47 UTC | net: Add SPDX ids to some source files | 1 | tim.bird@sony.com | finished in 4h11m0s |
| 2026-03-04 17:29 UTC | netfilter: updates for net | 1 | fw@strlen.de | finished in 4h9m0s |
| 2026-03-04 11:49 UTC | netfilter: updates for net-next | 1 | fw@strlen.de | finished in 4h13m0s |
| 2026-03-03 19:57 UTC | doc/netlink: Expand nftables specification | 8 | one-d-wide@protonmail.com | finished in 1h5m0s |
| 2026-03-03 10:15 UTC | netfilter: use function typedefs for __rcu NAT helper hook pointers | 1 | sun.jian.kdev@gmail.com | finished in 1h39m0s |
| 2026-03-02 21:26 UTC | netfilter: nf_tables: fix use-after-free on ops->dev | 1 | koike@igalia.com | finished in 4h16m0s |
| 2026-03-02 16:05 UTC | rule: fix NULL pointer dereference in do_list_flowtable | 1 | ant.v.moryakov@gmail.com | skipped |
| 2026-02-27 16:29 UTC | netfilter: nf_flow_table_ip: Introduce nf_flow_vlan_push() | 2 | ericwouds@gmail.com | finished in 4h11m0s |
| 2026-02-26 19:50 UTC | IPVS changes, part 3 of 4 - per-net tables | 1 | ja@ssi.bg | finished in 4h9m0s |
| 2026-02-26 09:40 UTC | netfilter: nfnetlink_queue: no longer acquire sk_callback_lock | 1 | edumazet@google.com | finished in 4h21m0s |
| 2026-02-26 08:58 UTC | netfilter: nfnetlink_log: no longer acquire sk_callback_lock | 1 | edumazet@google.com | finished in 4h27m0s |
| 2026-02-26 08:29 UTC | netfilter: nft_meta: no longer acquire sk_callback_lock in nft_meta_get_eval_skugid() | 1 | edumazet@google.com | finished in 4h1m0s |
| 2026-02-25 13:23 UTC | netfilter: xt_owner: no longer acquire sk_callback_lock in mt_owner() | 2 | edumazet@google.com | finished in 4h2m0s |
| 2026-02-25 13:20 UTC | netfilter: nf_log_syslog: no longer acquire sk_callback_lock in nf_log_dump_sk_uid_gid() | 2 | edumazet@google.com | finished in 4h13m0s |
| 2026-02-25 13:06 UTC | netfilter updates for net | 1 | fw@strlen.de | finished in 4h33m0s |
| 2026-02-25 00:13 UTC | netfilter: nf_tables: clone set on flush only | 1 | pablo@netfilter.org | finished in 4h7m0s |
| 2026-02-24 20:50 UTC | netfilter: updates for net-next | 1 | fw@strlen.de | finished in 3h26m0s |
| 2026-02-24 18:22 UTC | netfilter: nf_tables: inconditionally bump set->nelems before insertion | 1 | pablo@netfilter.org | finished in 4h28m0s |
| 2026-02-24 12:33 UTC | netfilter: nf_log_syslog: no longer acquire sk_callback_lock in nf_log_dump_sk_uid_gid() | 1 | edumazet@google.com | finished in 4h11m0s |
| 2026-02-24 12:28 UTC | netfilter: xt_owner: no longer acquire sk_callback_lock in mt_owner() | 1 | edumazet@google.com | finished in 4h21m0s |
| 2026-02-24 06:53 UTC | conntrack: bridge: add double vlan, pppoe and pppoe-in-q | 19 | ericwouds@gmail.com | finished in 4h18m0s |
| 2026-02-22 19:58 UTC | conntrack: bridge: add double vlan, pppoe and pppoe-in-q | 18 | ericwouds@gmail.com | finished in 3h50m0s |
| 2026-02-22 15:52 UTC | netfilter: nf_flow_table_ip: Introduce nf_flow_vlan_push() | 1 | ericwouds@gmail.com | finished in 3h56m0s |
| 2026-02-17 16:32 UTC | netfilter: updates for net | 1 | fw@strlen.de | finished in 4h6m0s |
| 2026-02-17 12:14 UTC | netfilter: nf_tables: fix use-after-free in nf_tables_addchain() | 1 | y0un9sa@gmail.com | finished in 4h0m0s |
| 2026-02-17 11:56 UTC | net: remove WARN_ON_ONCE when accessing forward path array | 1 | pablo@netfilter.org | finished in 4h15m0s |
| 2026-02-16 17:23 UTC | Tree-wide use of python3 | 1 | pablo@netfilter.org | skipped |
| 2026-02-16 11:26 UTC | json: complete multi-statement set element support | 1 | pablo@netfilter.org | skipped |
| 2026-02-15 17:04 UTC | ipset: refuse to run under file capabilities | 1 | alan@sleuthco.ai | skipped |