From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pl1-f170.google.com (mail-pl1-f170.google.com [209.85.214.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9D2CA2D46B3 for ; Thu, 16 Apr 2026 18:10:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.170 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776363054; cv=none; b=cjjXIhv2JRyyBvxayqg6OnJ2agchjAqAblu0Qxq312B4ugnicdCZN+/wqZ6QQy9tjZaQtJXEbRZPpYWrkPx9hATs236erthBZYZhUGZR/ko7M6vD83TOKaGQeEUbHLbl+C5UGHTIsQZscJQv641Km5wMz+3JtWHFcrhenyGNxrI= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776363054; c=relaxed/simple; bh=IVoVLkYURr2VVYZf7DoUyg5nEr8ZQuJ5h7W+SIOATYM=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=cMOGCY+Db9sy8UvWZHQw4Wv+3+2vzmhj6QJtTyhnYsR9c78gZoHJRVMAKmKeeq1kbdRCeOo8c9m+vhWhokcxjM5Z/VjEM9zTM4Em4LpCe5D6B0n7/z6K3/V0XmczKAaVZQis2F1R2qLt2D0RLZZiiz1X31TueD3L7gLpS4wvPU0= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=dama.to; spf=none smtp.mailfrom=dama.to; dkim=pass (2048-bit key) header.d=dama-to.20251104.gappssmtp.com header.i=@dama-to.20251104.gappssmtp.com header.b=vBVdP4Zx; arc=none smtp.client-ip=209.85.214.170 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=dama.to Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=dama.to Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=dama-to.20251104.gappssmtp.com header.i=@dama-to.20251104.gappssmtp.com header.b="vBVdP4Zx" Received: by mail-pl1-f170.google.com with SMTP id d9443c01a7336-2aaf59c4f7cso39572595ad.1 for ; Thu, 16 Apr 2026 11:10:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dama-to.20251104.gappssmtp.com; s=20251104; t=1776363053; x=1776967853; darn=vger.kernel.org; h=in-reply-to:content-disposition:mime-version:references :mail-followup-to:message-id:subject:cc:to:from:date:from:to:cc :subject:date:message-id:reply-to; bh=YL1VZb94MOlbPm2mO4ff3eoT52AolKZxJhbwThzPtps=; b=vBVdP4Zxjakdxug5dB6aY7CDc+o26A+LMPOhLsBD9TKW7i3HOscV2MRPn23pHyi61K jepXSYV3HNZb7+20FTi5rCPimHtkRXqprxWbAeWtfmKkEoQpADOq08jrojtBwvyKYq4J qG5dX8nOjn/AbLdUnyUhFnLFIGyoxDbTiNih3q4IUMv79NT9gbN5SQVHt1LumfwlTx40 Rff0uYuEDUpVZ/VlkhdzX3YwDV2UBjp8uU2/LhD66WtJ2OXLkV9UzscVsUWRgWP2Ntzf +r44ZDcK99lBUXZbMThJNIpLv7pPVLvJ1bYrTg5tpOzwluyuiVZGn+6pLD2/OUCqBK/V gr7A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1776363053; x=1776967853; h=in-reply-to:content-disposition:mime-version:references :mail-followup-to:message-id:subject:cc:to:from:date:x-gm-gg :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=YL1VZb94MOlbPm2mO4ff3eoT52AolKZxJhbwThzPtps=; b=p2gEkQ7r49rJRy5u3ClnWZ9Ima9jyrCAKncCVDj7K5s4+N0yfVTtnYlj+rvU70n1DP /Vr0svLNMhpFYrZ0KKSp8qPHIJKFQftqnPgs5hz6v5DuXeMR6vO/BT6Gzq+obrxvyl8h Ns1wbpKNMZqL0q03qFERMT9c7zU6eDzjDwM2SOyfmAvUetN8yGvDXKWJezrx8gi3x611 iGYvMTKgxBU9QDR9LVuLGGJNoJfXsZIfuHnTi86ikSirp0S8P5+B3TGWEc42k5RIiD1l +JZuG1r5pNHyxux/lAfDxMQMKPduP5fCUh9wuSbiSvL9g4Hio4BZg8YxeKVxyVkoUd0q EP3Q== X-Forwarded-Encrypted: i=1; AFNElJ85G07rFFOl4r8LarbOKqLUMHx9x55ZpcsfwMt4juIOc5MJ7uXNJ7Sr0Q92kUPYmFs0RxjsH6s=@vger.kernel.org X-Gm-Message-State: AOJu0Yyt2LlAesTFxm1VRxhdJBeRvaDCxWl8ovWEIxRoRxRtyJV/nJ5m iRdRVkeSJ7Gg0sBLUNkdcXoPOXfaIaLCJI8zgfDKdOuiSST4M/YFceJ8YpL6kwP5pX0= X-Gm-Gg: AeBDies7i6qa8MULzLYpGFMft4N23LDo6w05+tGVjcD4pcQwOpHcw7nbuKq6EhZ3jag fw8jUJ/bMeq3OnNx1q8ni1FYRyu/hJdWXduG13YR+I0/n4nMIZgumsIeUCEWcsHQY4hHdc5O0fS aNYm+0IVMeZaaC83zPm5dRcd/QKSCbP92euNvjtNKUTyoCXdMQt6g7ag/r3oM0YQxLQ8QwawBVs fouhKDyqrB6oXYc/JI4jLrWupZnIYFzPU2xMgoB2hb6p4vV3pcn/31pA7+m96cbxsH+A2Qf3Cmq kyAW6z/N1LBP8+UK0G5kYm77S/qp4MN9JB2hWc/O7RXGrGzQJLCqbNg98elBHUaLhGqX7CnsSjm bnGsrw3xY7BtY5kSDhy8sCwTzGZqIJgWY0PCtdvJh9dvwLilTGXVSk4wSP975PDp5Iq+MnNUBql Pf7n7jahjBugLteU0= X-Received: by 2002:a17:903:1acc:b0:2b0:59c4:e9dc with SMTP id d9443c01a7336-2b5f8f2c8b3mr95275ad.22.1776363052927; Thu, 16 Apr 2026 11:10:52 -0700 (PDT) Received: from localhost ([2a03:2880:2ff:5f::]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2b4782acaf0sm65385575ad.67.2026.04.16.11.10.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 16 Apr 2026 11:10:52 -0700 (PDT) Date: Thu, 16 Apr 2026 11:10:51 -0700 From: Joe Damato To: Eric Dumazet Cc: "David S . Miller" , Jakub Kicinski , Paolo Abeni , Simon Horman , David Ahern , Ido Schimmel , netdev@vger.kernel.org, eric.dumazet@gmail.com Subject: Re: [PATCH net] ipv6: fix possible UAF in icmpv6_rcv() Message-ID: Mail-Followup-To: Joe Damato , Eric Dumazet , "David S . Miller" , Jakub Kicinski , Paolo Abeni , Simon Horman , David Ahern , Ido Schimmel , netdev@vger.kernel.org, eric.dumazet@gmail.com References: <20260416103505.2380753-1-edumazet@google.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20260416103505.2380753-1-edumazet@google.com> On Thu, Apr 16, 2026 at 10:35:05AM +0000, Eric Dumazet wrote: > Caching saddr and daddr before pskb_pull() is problematic > since skb->head can change. > > Remove these temporary variables: > > - We only access &ipv6_hdr(skb)->saddr and &ipv6_hdr(skb)->daddr > when net_dbg_ratelimited() is called in the slow path. > > - Avoid potential future misuse after pskb_pull() call. > > Fixes: 4b3418fba0fe ("ipv6: icmp: include addresses in debug messages") > Signed-off-by: Eric Dumazet > --- > net/ipv6/icmp.c | 10 ++++------ > 1 file changed, 4 insertions(+), 6 deletions(-) Reviewed-by: Joe Damato