Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 20 Apr 2015 19:57:10 -0700
From: Seth Arnold <>
Subject: use-after-free in src/libnetfilter_cthelper.c

Hello Pablo, all,

I noticed a use-after-free in src/libnetfilter_cthelper.c:

void nfct_helper_free(struct nfct_helper *h)
        int i;

        for (i=0; i<NF_CT_HELPER_CLASS_MAX; i++) {
                if (h->expect_policy[i])

A simple fix would move the free(h) line below the for() loop.

Does this issue deserve a CVE? Determining exploitability is not my

A simple browsable version can be found at:

Some callers of this function can be found in the conntrack package:


Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ