Description: netfilter: nf_tables: disallow non-stateful expression in sets earlier
References:
 https://www.openwall.com/lists/oss-security/2022/05/31/1
 https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/net/netfilter?id=520778042ccca019f3ffa136dd0ca565c486cedd
 https://github.com/theori-io/CVE-2022-32250-exploit
 https://research.nccgroup.com/2022/09/01/settlers-of-netlink-exploiting-a-limited-uaf-in-nf_tables-cve-2022-32250/
Notes:
 carnil> For 5.17.y fixed in 5.17.13 and for 5.18.y fixed in 5.18.2
Bugs:
upstream: released (5.19-rc1) [520778042ccca019f3ffa136dd0ca565c486cedd]
5.10-upstream-stable: released (5.10.120) [ea62d169b6e731e0b54abda1d692406f6bc6a696]
4.19-upstream-stable: released (4.19.247) [ed44398b45add3d9be56b7457cc9e05282e518b4]
4.9-upstream-stable: released (4.9.318) [94e9b75919619ba8c4072abc4917011a7a888a79]
sid: released (5.18.2-1)
5.10-bullseye-security: released (5.10.120-1)
4.19-buster-security: released (4.19.249-1)
4.9-stretch-security: released (4.9.320-2)