034bbd806298e9ba4197dd1587b0348ee30996ea - linux/kernel/git/klassert/ipsec

commit: 034bbd806298e9ba4197dd1587b0348ee30996ea
[log] [tgz]
author: Eric Dumazet <edumazet@google.com>
Mon Feb 16 14:28:28 2026 +0000
committer: Jakub Kicinski <kuba@kernel.org>
Wed Feb 18 16:46:36 2026 -0800
tree: 080ddb58f764a40931b5d6f3eb60bfbbf8f8959d
parent: 570e4549f63293ca4973ef367ff02554f3e3dfc2 [diff]

icmp: prevent possible overflow in icmp_global_allow()

Following expression can overflow
if sysctl_icmp_msgs_per_sec is big enough.

sysctl_icmp_msgs_per_sec * delta / HZ;

Fixes: 4cdf507d5452 ("icmp: add a global rate limitation")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reviewed-by: Kuniyuki Iwashima <kuniyu@google.com>
Link: https://patch.msgid.link/20260216142832.3834174-2-edumazet@google.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

net/ipv4/icmp.c[diff]

1 file changed

tree: 080ddb58f764a40931b5d6f3eb60bfbbf8f8959d