linux

mirror of https://github.com/torvalds/linux.git synced 2026-03-08 03:44:45 +01:00

History

Stefano Garzarella 6a997f38bd vsock: prevent child netns mode switch from local to global A "local" namespace can change its `child_ns_mode` sysctl to "global", allowing nested namespaces to access global CIDs. This can be exploited by an unprivileged user who gained CAP_NET_ADMIN through a user namespace. Prevent this by rejecting writes that attempt to set `child_ns_mode` to "global" when the current namespace's mode is "local". Fixes: `eafb64f40c` ("vsock: add netns to vsock core") Cc: bobbyeshleman@meta.com Signed-off-by: Stefano Garzarella <sgarzare@redhat.com> Reviewed-by: Bobby Eshleman <bobbyeshleman@meta.com> Link: https://patch.msgid.link/20260212205916.97533-3-sgarzare@redhat.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>		2026-02-13 12:28:38 -08:00
..
6lowpan
9p	- fix a bug with O_APPEND in cached mode causing data to be written multiple times on server	2025-12-07 08:29:09 -08:00
802	net: remove HIPPI support and RoadRunner HIPPI driver	2026-01-20 19:12:06 -08:00
8021q	net: vlan: sync VLAN features with lower device	2025-10-31 17:42:35 -07:00
appletalk	net: Convert proto_ops connect() callbacks to use sockaddr_unsized	2025-11-04 19:10:32 -08:00
atm	net: atm: fix crash due to unvalidated vcc pointer in sigd_send()	2026-02-10 11:24:47 +01:00
ax25	net: ax25: remove plumbing for never-implemented DAMA Master support	2026-01-30 19:19:39 -08:00
batman-adv	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2025-10-31 06:46:03 -07:00
bluetooth	Networking changes for 7.0	2026-02-11 19:31:52 -08:00
bpf	bpf: add fsession support	2026-01-24 18:49:35 -08:00
bridge	net/ipv6: Introduce payload_len helpers	2026-02-06 20:50:03 -08:00
caif	caif: fix integer underflow in cffrml_receive()	2025-12-11 01:35:41 -08:00
can	can: gw: use can_gw_hops instead of sk_buff::csum_start	2026-02-05 11:58:40 +01:00
ceph	libceph: make calc_target() set t->paused, not just clear it	2026-01-06 00:39:43 +01:00
core	Networking changes for 7.0	2026-02-11 19:31:52 -08:00
dcb	Revert "Documentation: net: add flow control guide and document ethtool API"	2025-10-01 09:48:21 +02:00
devlink	devlink: Refactor devlink_rate_nodes_check	2026-02-02 20:05:51 -08:00
dns_resolver	net/dns_resolver: use credential guards in dns_query()	2025-11-04 12:36:51 +01:00
dsa	net: dsa: add tag format for MxL862xx switches	2026-02-11 11:27:57 +01:00
ethernet	net: optimize eth_type_trans() vs CONFIG_STACKPROTECTOR_STRONG=y	2025-11-24 19:27:31 -08:00
ethtool	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2026-02-05 09:54:08 -08:00
handshake	net/handshake: Fix null-ptr-deref in handshake_complete()	2025-12-22 12:36:40 +01:00
hsr	hsr: Implement more robust duplicate discard for HSR	2026-02-10 12:02:29 +01:00
ieee802154	net: Convert proto callbacks from sockaddr to sockaddr_unsized	2025-11-04 19:10:33 -08:00
ife
ipv4	Networking changes for 7.0	2026-02-11 19:31:52 -08:00
ipv6	ipv6: Fix out-of-bound access in fib6_add_rt2node().	2026-02-13 12:24:28 -08:00
iucv	net/iucv: clean up iucv kernel-doc warnings	2026-02-04 20:39:58 -08:00
kcm	Networking changes for 6.19.	2025-12-03 17:24:33 -08:00
key	pfkey: Deprecate pfkey	2025-10-30 09:03:12 +01:00
l2tp	l2tp: avoid one data-race in l2tp_tunnel_del_work()	2026-01-19 09:55:41 -08:00
l3mdev
lapb
llc	net: Convert proto_ops connect() callbacks to use sockaddr_unsized	2025-11-04 19:10:32 -08:00
mac80211	wifi: mac80211: Add eMLSR/eMLMR action frame parsing support	2026-02-02 10:11:18 +01:00
mac802154
mctp	net: mctp: ensure our nlmsg responses are initialised	2026-02-12 18:35:45 -08:00
mpls	mpls: Drop RTNL for RTM_NEWROUTE, RTM_DELROUTE, and RTM_GETROUTE.	2025-11-03 17:40:54 -08:00
mptcp	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2026-02-11 15:14:35 +01:00
ncsi
netfilter	Networking changes for 7.0	2026-02-11 19:31:52 -08:00
netlabel	audit: add record for multiple task security contexts	2025-08-30 10:15:30 -04:00
netlink	net: Convert proto_ops connect() callbacks to use sockaddr_unsized	2025-11-04 19:10:32 -08:00
netrom	netrom: fix double-free in nr_route_frame()	2026-01-20 19:15:40 -08:00
nfc	nfc: hci: shdlc: Stop timers and work before freeing context	2026-02-05 18:46:20 -08:00
nsh
openvswitch	net: openvswitch: fix data race in ovs_vport_get_upcall_stats	2026-01-22 12:55:22 +01:00
packet	net: add vlan_get_protocol_offset_inline() helper	2026-02-05 16:33:52 +01:00
phonet	net: Convert proto callbacks from sockaddr to sockaddr_unsized	2025-11-04 19:10:33 -08:00
psample
psp	tools: ynl-gen: add regeneration comment	2025-11-25 19:20:42 -08:00
qrtr	net: Convert proto_ops connect() callbacks to use sockaddr_unsized	2025-11-04 19:10:32 -08:00
rds	net/rds: Trigger rds_send_ping() more than once	2026-02-04 20:46:39 -08:00
rfkill	net: replace use of system_wq with system_percpu_wq	2025-09-22 17:40:30 -07:00
rose	net: rose: fix invalid array index in rose_kill_by_device()	2025-12-30 11:45:51 +01:00
rxrpc	rxrpc: Fix data-race warning and potential load/store tearing	2026-01-21 19:59:29 -08:00
sched	Networking changes for 7.0	2026-02-11 19:31:52 -08:00
sctp	sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT	2026-01-17 15:10:34 -08:00
shaper	tools: ynl-gen: add regeneration comment	2025-11-25 19:20:42 -08:00
smc	Revert "net/smc: Introduce TCP ULP support"	2026-01-30 19:21:51 -08:00
strparser	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2025-11-13 12:35:38 -08:00
sunrpc	nfsd-6.19 fixes:	2025-12-24 09:23:04 -08:00
switchdev
tipc	tipc: fix RCU dereference race in tipc_aead_users_dec()	2026-02-05 12:36:31 -08:00
tls	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2025-10-31 06:46:03 -07:00
unix	af_unix: Fix memleak of newsk in unix_stream_connect().	2026-02-11 13:01:13 +01:00
vmw_vsock	vsock: prevent child netns mode switch from local to global	2026-02-13 12:28:38 -08:00
wireless	wifi: cfg80211: add initial UHR support	2026-02-02 10:11:07 +01:00
x25	net: Convert proto_ops connect() callbacks to use sockaddr_unsized	2025-11-04 19:10:32 -08:00
xdp	Revert "Merge branch 'netkit-support-for-io_uring-zero-copy-and-af_xdp'"	2026-01-20 18:06:01 -08:00
xfrm	bpf-next-7.0	2026-02-10 11:26:21 -08:00
compat.c	socket: Unify getsockname and getpeername implementation	2025-11-26 13:45:23 -07:00
devres.c
Kconfig	net: Kconfig: discourage drop_monitor enablement	2025-10-17 16:29:26 -07:00
Kconfig.debug
Makefile	psp: base PSP device support	2025-09-18 12:32:06 +02:00
socket.c	vfs-6.19-rc1.fixes	2025-12-05 15:52:30 -08:00
sysctl_net.c