A use-after-free flaw was found in the Linux kernel’s netfilter: nf_tables component, which can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound, and the chain’s owner rule can release the objects in certain circumstances.
Mitigation for this issue is to skip loading the affected module "netfilter" onto the system till we have a fix available, this can be done by a blacklist mechanism, this will ensure the driver is not loaded at the boot time.
How do I blacklist a kernel module to prevent it from loading automatically?
https://access.redhat.com/solutions/41278