Diffusion FreeBSD src repository c0cb68169beb

ipfw: pmod: avoid further rule processing after tcp-mod failures
c0cb68169beb
Actions

Description

ipfw: pmod: avoid further rule processing after tcp-mod failures

m_pullup() here will have freed the mbuf chain, but we pass back an
IP_FW_DENY without any signal that the outer loop should finish. Thus,
rule processing continues without an mbuf and there's a chance that we
conclude that the packet may pass (but there's no mbuf remaining)
depending on the rules that follow it.

PR: 284606
Reviewed by: ae
Approved by: so
Security: FreeBSD-SA-25:11.ipfw
Security: CVE-2025-14769

(cherry picked from commit c0382512bfce872102d213b9bc2550de0bc30b67)
(cherry picked from commit deb684f9d1d6a3681e451d3af31f768c567f7dbe)

Details

Provenance

kevans	Authored on Nov 1 2025, 5:34 PM
markj	Committed on Dec 16 2025, 1:57 PM

Parents

rG476b20984a6f: Add UPDATING entries and bump version.

Branches

Unknown

Tags

Unknown

Event Timeline

markj committed rGc0cb68169beb: ipfw: pmod: avoid further rule processing after tcp-mod failures (authored by kevans).Dec 16 2025, 1:57 PM

Changes (1)

Path

Size

sys/

netpfil/

ipfw/

pmod/

tcpmod.c

rGc0cb68169beb

View Options

sys/netpfil/ipfw/pmod/tcpmod.c