linux is vulnerable to out-of-bounds write. The vulnerability exists due to a lack of sanitization of zeroing the area to start of next rule won’t write past end of allocated ruleset blob in xt_compat_match/target_from_user.
git://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2021-0937