Richard Guy Briggs <rgb(a)redhat.com> wrote:
nft_commit_notify(net, NETLINK_CB(skb).portid);
nf_tables_gen_notify(net, skb, NFT_MSG_NEWGEN);
nf_tables_commit_release(net);
+ nf_tables_commit_audit_log(&adl, net->nft.base_seq);
This meeds to be before nf_tables_commit_release() call, afaics this function
dereferences data structures that might be free'd already here.