In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_queue: fix possible use-after-free
Eric Dumazet says: The sockhold() side seems suspect, because there is no guarantee that skrefcnt is not already 0.
On failure, we cannot queue the packet and need to indicate an error. The packet will be dropped by the caller.
v2: split skb prefetch hunk into separate change