Linux · Linux Kernel · CVE-2024-42270
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 6.6.50
**Description**
The vulnerability is a NULL pointer dereference in the `iptable_nat_table_init()` function. It can be triggered when `iptables-restore` is run at boot time, resulting in a kernel NULL pointer dereference. The root cause is that `iptable_nat_table_init()` is exposed to user space before the kernel has fully initialized its per-network-namespace (`netns`) data. In that small race window, a user-space call into `iptable_nat_table_init()` accesses `net_generic(net, iptable_nat_net_id)`, which is only available after `iptable_nat_net_ops` has been registered. The fix is to call `register_pernet_subsys()` before `xt_register_template()`, so the per-netns data exists before the table can be reached from user space.
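The ordering dependency described above, as an added user-space model (not kernel code): the `_model` functions are stand-ins for `register_pernet_subsys()`, `xt_register_template()`, `net_generic()` and `iptable_nat_table_init()`, and a NULL per-netns slot returns an error where the real kernel would oops.

```c
#include <stddef.h>

/* Model of the CVE-2024-42270 ordering bug (added illustration, not kernel code).
 * pernet_slot stands in for the per-netns storage that net_generic(net,
 * iptable_nat_net_id) returns; it stays NULL until register_pernet_subsys() runs. */
struct iptable_nat_net { int table_registered; };

static struct iptable_nat_net storage;
static struct iptable_nat_net *pernet_slot;   /* NULL until pernet subsys registered */
static int template_visible;                  /* nonzero once xt_register_template() ran */

static void reset_model(void)
{
    pernet_slot = NULL;
    template_visible = 0;
    storage.table_registered = 0;
}

/* Stand-in for register_pernet_subsys(&iptable_nat_net_ops): per-netns data now exists. */
static void register_pernet_subsys_model(void) { pernet_slot = &storage; }
/* Stand-in for xt_register_template(): from here user space can trigger table_init. */
static void xt_register_template_model(void) { template_visible = 1; }

/* Stand-in for iptable_nat_table_init(): the kernel dereferences the net_generic()
 * result unconditionally; here a NULL slot returns -1 instead of crashing. */
static int iptable_nat_table_init_model(void)
{
    struct iptable_nat_net *xt_nat_net = pernet_slot;  /* net_generic(net, iptable_nat_net_id) */
    if (xt_nat_net == NULL)
        return -1;                                      /* kernel: NULL pointer dereference */
    xt_nat_net->table_registered = 1;
    return 0;
}

/* Runs module init with the two registrations in the given order, with a simulated
 * iptables-restore calling table_init as soon as the template becomes visible.
 * Returns 0 on success, -1 when the call hit the NULL per-netns pointer. */
static int module_init_then_restore(int pernet_before_template)
{
    int rc = -2;                               /* -2: table_init was never reached */
    reset_model();
    if (pernet_before_template) {              /* fixed order (6.6.50 and later) */
        register_pernet_subsys_model();
        xt_register_template_model();
        if (template_visible) rc = iptable_nat_table_init_model();
    } else {                                   /* vulnerable order */
        xt_register_template_model();
        if (template_visible) rc = iptable_nat_table_init_model();  /* race window */
        register_pernet_subsys_model();        /* too late: data arrives after the call */
    }
    return rc;
}
```

`module_init_then_restore(0)` returns -1 (the vulnerable order) and `module_init_then_restore(1)` returns 0 (the fixed order).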
**Recommendations**
To resolve this issue, update the Linux kernel to version 6.6.50 or later. If updating is not possible, consider disabling the `iptable_nat_table_init()` function until a patch is available. However, this may have significant implications for network functionality and should be carefully considered.
Note: The provided information does not specify the exact versions affected beyond mentioning version 6.6.50 as a fix. Therefore, it is recommended to update to this version or later to ensure the vulnerability is resolved.