[pkg-netfilter-team] Bug#1053564: Acknowledgement (nftables: nft freeze after some times, probably as a result of excessive use of named set)

Daniel Haryo Sugondo sugondo at hlrs.de
Wed Dec 27 07:31:53 GMT 2023 

Hi Arturo,

does your update in order to fix the CVE-2023-6817 impact this problem too?
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=317eb9685095678f2c9f5a8189de698c5354316a

regards.

On 10/24/23 10:36, Arturo Borrero Gonzalez wrote:
> On 10/24/23 10:20, Daniel Haryo Sugondo wrote:
>> Dear maintainer
>>
>> the problem with named set makes the system unusable.
>>
>> I would be so thankful, if you can give me some hints, what's
>> wrong with the behavior since Debian12.
>>
> 
> 
> Hi Daniel,
> 
> this sounds to me like a bug in the nf_tables linux kernel subsystem.
> 
> I don't have the info at hand at the moment whether if this has been 
> fixed already. I would try using a newer kernel, either stable or 
> backports.
> 
> regards.
> 
> 

-- 
Mit freundlichen Grüßen!

Daniel Haryo Sugondo

High Performance Computing Center Stuttgart (HLRS)
Department HPCN Production
Networks and Firewall
University Stuttgart
Tel.: +49 (0)711 / 685-87250
Fax: +49 (0)711 / 685-77250
Nobelstraße 19
Room 0.051
70569 Stuttgart
Germany
Mail: daniel.sugondo at hlrs.de

PGP Key Fingerprint: 1F82 CE27 30C1 8E0E 11DF B636 2EA5 BDE1 97A2 1C82

If you are not the intended addressee, please inform us immediately
that you have received this e-mail in error, and delete it.
We thank you for your cooperation.

< Theory is where you know everything, but nothing works;
practice is where everything works, but nobody knows why.
Here we combine theory with practice;
nothing works and nobody knows why!
-- A. Einstein -->
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x2EA5BDE197A21C82.asc
Type: application/pgp-keys
Size: 3118 bytes
Desc: OpenPGP public key
URL: <http://alioth-lists.debian.net/pipermail/pkg-netfilter-team/attachments/20231227/df17a863/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-netfilter-team/attachments/20231227/df17a863/attachment.sig>

More information about the pkg-netfilter-team mailing list