CVE-2023-54035

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> netfilter: nf_tables: fix underflow in chain reference counter<br /> <br /> Set element addition error path decrements reference counter on chains<br /> twice: once on element release and again via nft_data_release().<br /> <br /> Then, d6b478666ffa ("netfilter: nf_tables: fix underflow in object<br /> reference counter") incorrectly fixed this by removing the stateful<br /> object reference count decrement.<br /> <br /> Restore the stateful object decrement as in b91d90368837 ("netfilter:<br /> nf_tables: fix leaking object reference count") and let<br /> nft_data_release() decrement the chain reference counter, so this is<br /> done only once.