netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations
CVE: CVE-2024-26673 JIRA: https://issues.redhat.com/browse/RHEL-31345 Upstream Status: All upstream in linus.git
Patch 1 fixes the bug, patch 2 is a follow-up to fix a side-effect of the first one.
Signed-off-by: Phil Sutter psutter@redhat.com