Description: netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
References:
 https://www.openwall.com/lists/oss-security/2023/01/13/2
 https://www.openwall.com/lists/oss-security/2023/01/13/4
 https://groups.google.com/g/syzkaller/c/YRNDJBsJn_s?pli=1
 https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230111212251.193032-4-pablo@netfilter.org/
 https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=696e1a48b1a1b01edad542a1ef293665864a4dd0
Notes:
 carnil> Fixed as well in 6.1.7 for 6.1.y.
Bugs:
upstream: released (6.2-rc5) [696e1a48b1a1b01edad542a1ef293665864a4dd0]
5.10-upstream-stable: released (5.10.164) [550efeff989b041f3746118c0ddd863c39ddc1aa]
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: released (6.1.7-1)
5.10-bullseye-security: released (5.10.162-1) [bugfix/all/netfilter-nft_payload-incorrect-arithmetics-when-fet.patch]
4.19-buster-security: N/A "Vulnerable code not present"