1 files changed, 3 insertions, 0 deletions

diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c
index 2ad520ccd006..1e2ff82d5bf7 100644
--- a/net/netfilter/x_tables.c
+++ b/net/netfilter/x_tables.c
@@ -587,6 +587,9 @@ int xt_check_entry_offsets(const void *base,
 		return -EINVAL;
 
 	t = (void *)(e + target_offset);
+	if (t->u.target_size < sizeof(*t))
+		return -EINVAL;
+
 	if (target_offset + t->u.target_size > next_offset)
 		return -EINVAL;