Two similar flaws were found in the Linux kernel. From v6.2-rc1 to v6.6-rc6, two null pointer dereference vulnerabilities in nf_tables could happen. The first vulnerability is in nft_inner_init() in nft_inner.c. The NFTA_INNER_NUM netlink attribute is accessed at (0) without first checking its presence, so it may be NULL. The second vulnerability is in nft_expr_inner_parse(), which is quite similar to the first one. The NFTA_EXPR_NAME netlink attribute is not checked before accessing it.
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2251249]
This was fixed for Fedora with the 6.5.9 stable kernel updates.
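The missing presence check described in the report, shown as an added userspace model (not kernel code and not the upstream fix). The attribute ids, the TLV layout, the sample messages and the function names are constructed for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Userspace model, not kernel code: attribute ids and TLV layout are constructed. */
enum { ATTR_NUM = 1, ATTR_TYPE = 2, ATTR_MAX = ATTR_TYPE };
#define HDR 2u /* one byte total length, one byte type; payload is a big-endian u32 */

/* Constructed samples: the first carries both attributes, the second omits ATTR_NUM. */
static const uint8_t msg_full[] = { 6, ATTR_TYPE, 0, 0, 0, 1,  6, ATTR_NUM, 0, 0, 0, 4 };
static const uint8_t msg_no_num[] = { 6, ATTR_TYPE, 0, 0, 0, 1 };

/* Fill tb[] with payload pointers; attributes absent from the message stay NULL. */
static int parse_attrs(const uint8_t *buf, size_t n, const uint8_t *tb[ATTR_MAX + 1])
{
    for (int i = 0; i <= ATTR_MAX; i++) tb[i] = NULL;
    for (size_t off = 0; off < n; off += buf[off]) {
        if (n - off < HDR || buf[off] < HDR || buf[off] > n - off)
            return -EINVAL;                       /* truncated or bogus length */
        uint8_t type = buf[off + 1];
        if (type < 1 || type > ATTR_MAX) continue; /* unknown attribute: skip */
        if (buf[off] != HDR + 4)
            return -EINVAL;                       /* policy: payload must be a u32 */
        tb[type] = buf + off + HDR;
    }
    return 0;
}

/* Init-style handler: mandatory attributes are checked for presence before use. */
static int inner_init(const uint8_t *msg, size_t n, uint32_t *num)
{
    const uint8_t *tb[ATTR_MAX + 1];
    int err = parse_attrs(msg, n, tb);
    if (err) return err;
    if (!tb[ATTR_NUM] || !tb[ATTR_TYPE]) return -EINVAL; /* else p below is NULL */
    const uint8_t *p = tb[ATTR_NUM];
    *num = (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3];
    return 0;
}

int main(void)
{
    uint32_t num = 0;
    int rc = inner_init(msg_no_num, sizeof(msg_no_num), &num);
    printf("ATTR_NUM missing: rc=%d\n", rc);
    rc = inner_init(msg_full, sizeof(msg_full), &num);
    printf("both present: rc=%d num=%u\n", rc, (unsigned)num);
    return 0;
}
```

A message that passes parsing can still omit a mandatory attribute, so the handler has to reject a NULL `tb[]` slot itself before reading through it.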