A flaw was found in the Netfilter module in the Linux kernel. The problem is in the nft_byteorder_eval() function where the code is iterating through a loop and writing to dst[0], dst[1], dst[2] and so on. On each iteration 8 bytes get written, but dst[] is an array of u32 so each element only has space for 4 bytes. That means that every iteration overwrites part of the previous element. Upstream commit: https://github.com/torvalds/linux/commit/c301f0981fdd3fd1ffac6836b423c4d7a8e0eb63
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2258636]
This was fixed for Fedora with the 6.5.13 stable kernel updates.