In the Linux kernel, the following vulnerability has been resolved:
netfilter: iptables: Fix potential null-ptr-deref in ip6tablenattable_init().
ip6tablenattableinit() accesses net->gen->ptr[ip6tablenatnetops.id], but the function is exposed to user space before the entry is allocated via registerpernetsubsys().
Let's call registerpernetsubsys() before xtregistertemplate().