diff options
-rw-r--r-- | net/xfrm/xfrm_output.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/net/xfrm/xfrm_output.c b/net/xfrm/xfrm_output.c index 0951444..d73003c 100644 --- a/net/xfrm/xfrm_output.c +++ b/net/xfrm/xfrm_output.c @@ -57,8 +57,11 @@ static int xfrm_output_one(struct sk_buff *skb, int err) if (x->type->flags & XFRM_TYPE_REPLAY_PROT) { XFRM_SKB_CB(skb)->seq = ++x->replay.oseq; - if (unlikely(x->replay.oseq == 0)) + if (unlikely(x->replay.oseq == 0)) { + x->replay.oseq--; xfrm_audit_state_replay_overflow(x, skb); + goto error; + } if (xfrm_aevent_is_on()) xfrm_replay_notify(x, XFRM_REPLAY_UPDATE); } |