Description: netfilter: nf_tables: stricter validation of element data
References:
 https://www.openwall.com/lists/oss-security/2022/07/02/3
 https://lore.kernel.org/netfilter-devel/cd9428b6-7ffb-dd22-d949-d86f4869f452@randorisec.fr/T/#u
 https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e6bc1f6cabcd30aba0b11219d8e01b952eacbb6
 https://www.openwall.com/lists/oss-security/2022/07/03/4
 https://www.randorisec.fr/crack-linux-firewall/
Notes:
 carnil> Should be present since fdb9c405e35b ("netfilter: nf_tables:
 carnil> allow up to 64 bytes in the set element data area") in 5.8-rc1.
 carnil> Fixed as well in 5.18.11 for 5.18.y.
Bugs:
upstream: released (5.19-rc6) [7e6bc1f6cabcd30aba0b11219d8e01b952eacbb6]
5.10-upstream-stable: released (5.10.130) [0a5e36dbcb448a7a8ba63d1d4b6ade2c9d3cc8bf]
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: released (5.18.14-1)
5.10-bullseye-security: released (5.10.127-2) [bugfix/all/netfilter-nf_tables-stricter-validation-of-element-d.patch]
4.19-buster-security: N/A "Vulnerable code not present"