Last Modified: June 5, 2022
net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.
<?xml version="1.0" ?>
<set operator="and"/>
<?xml version="1.0" ?>
<set operator="and">
<prop key="program_influence" value="input"/>
</set>