An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/xtables.c and include/linux/netfilter/xtables.h lack a full memory barrier upon the assignment of a new table value, aka CID-175e476b8cdf.