Commit b7cdc5a9 authored Mar 05, 2026 by Phil Sutter Committed by Florian Westphal Mar 10, 2026

netfilter: nf_tables: Fix for duplicate device in netdev hooks



When handling NETDEV_REGISTER notification, duplicate device
registration must be avoided since the device may have been added by
nft_netdev_hook_alloc() already when creating the hook.

Suggested-by: Florian Westphal <fw@strlen.de>
Reported-by:  <syzbot+bb9127e278fa198e110c@syzkaller.appspotmail.com>
Closes: https://syzkaller.appspot.com/bug?extid=bb9127e278fa198e110c


Fixes: a331b78a ("netfilter: nf_tables: Respect NETDEV_REGISTER events")
Tested-by: Helen Koike <koike@igalia.com>
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Florian Westphal <fw@strlen.de>

parent 6f1a9140

net/netfilter/nf_tables_api.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -9688,7 +9688,7 @@ static int nft_flowtable_event(unsigned long event, struct net_device *dev,
		break;
		case NETDEV_REGISTER:
		/* NOP if not matching or already registered */
		if (!match \|\| (changename && ops))
		if (!match \|\| ops)
		continue;

		ops = kzalloc_obj(struct nf_hook_ops,

net/netfilter/nft_chain_filter.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -344,7 +344,7 @@ static int nft_netdev_event(unsigned long event, struct net_device *dev,
		break;
		case NETDEV_REGISTER:
		/* NOP if not matching or already registered */
		if (!match \|\| (changename && ops))
		if (!match \|\| ops)
		continue;

		ops = kmemdup(&basechain->ops,