bffaac
netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations (bsc#1222368 CVE-2024-26673).