Description: netfilter: nft_flow_offload: release dst in case direct xmit path is used
References:
Notes:
 carnil> Introduced in fa502c865666 ("netfilter: flowtable: simplify route logic").
 carnil> Vulnerable versions: 5.15.150 6.1.80 6.5-rc1.
Bugs:
upstream: released (6.8-rc6) [8762785f459be1cfe6fcf7285c123aad6a3703f0]
6.8-upstream-stable: N/A "Fixed before branching point"
6.7-upstream-stable: released (6.7.7) [2d17cf10179a7de6d8f0128168b84ad0b4a1863f]
6.6-upstream-stable: released (6.6.19) [9256ab9232e35a16af9c30fa4e522e6d1bd3605a]
6.1-upstream-stable: released (6.1.80) [a6cafdb49a7bbf4a88367db209703eee6941e023]
5.10-upstream-stable: N/A "Vulnerable code not present"
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: released (6.7.7-1)
6.1-bookworm-security: released (6.1.82-1)
5.10-bullseye-security: N/A "Vulnerable code not present"
4.19-buster-security: N/A "Vulnerable code not present"