The Linux kernel received a targeted fix that addresses a subtle but disruptive netfilter edge case: CVE-2025-68206 adds a seqadj extension inside nftables’ conntrack helper path so NAT’ed FTP control connections (PASV/EPSV) are correctly sequence-adjusted when payload bytes are rewritten — a...
