CVE-2024-26673

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations

• Disallow families other than NFPROTO_{IPV4,IPV6,INET}.
• Disallow layer 4 protocol with no ports, since destination port is a mandatory attribute for this object.