kernel: iptables restriction bypass if a protocol handler kernel module not loaded
A flaw was found in the way the Linux kernel's netfilter subsystem handled generic protocol tracking. As demonstrated in the Stream Control Transmission Protocol SCTP case, a remote attacker could use this flaw to bypass intended iptables rule restrictions when the associated connection tracking...