In the Linux kernel, the following vulnerability has been resolved:
netfilter: nftsetpipapo: clamp maximum map bucket size to INT_MAX
Otherwise, it is possible to hit WARNONONCE in _kvmallocnodenoprof() when resizing hashtable because _GFP_NOWARN is unset.
Similar to:
b541ba7d1f5a ("netfilter: conntrack: clamp maximum hashtable size to INT_MAX")