Hello, Yes, only IP_VS_SO_SET_FLUSH uses len 0. We can go with this change but you do not need to target net tree, as the problem is not fatal, net-next works too. What happens is that we may look up s
Yes, it was `IP_VS_SO_SET_NONE`, implicitly initialized to zero. I see. I think the latter would be easier, but we cannot ban all of them, since the function does something with `IP_VS_SO_SET_FLUSH`,
Which exact 'cmd' is it here? I _guess_ it is one of those uninitialized in set_arglen[], which is 0. But if that is the case, should it be initialized to sizeof(struct ip_vs_service_user) instead be
do_ip_vs_set_ctl() is referencing uninitialized stack value when `len` is zero. Fix it. Reported-and-tested-by: syzbot+23b5f9e7caf61d9a3898@xxxxxxxxxxxxxxxxxxxxxxxxx Link: https://syzkaller.appspot.c