A recently disclosed Linux-kernel vulnerability in the netfilter nftables subsystem can cause a kernel crash when a rule references certain stateful objects from the OUTPUT hook; maintainers fixed the defect by adding proper validation for objref and objrefmap expressions so that referencing a...
