Description: netfilter: nft_set_pipapo: release elements in clone only from destroy path
References:
Notes:
 carnil> Introduced in 9827a0e6e23b ("netfilter: nft_set_pipapo: release elements in
 carnil> clone from abort path"). Vulnerable versions: 5.10.130 5.15.54 5.18.11 5.19-rc6.
Bugs:
upstream: released (6.9-rc1) [b0e256f3dd2ba6532f37c5c22e07cb07a36031ee]
6.7-upstream-stable: released (6.7.11) [821e28d5b506e6a73ccc367ff792bd894050d48b]
6.6-upstream-stable: released (6.6.23) [ff90050771412b91e928093ccd8736ae680063c2]
6.1-upstream-stable: released (6.1.83) [5ad233dc731ab64cdc47b84a5c1f78fff6c024af]
5.10-upstream-stable: released (5.10.214) [b36b83297ff4910dfc8705402c8abffd4bbf8144]
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: released (6.7.12-1)
6.1-bookworm-security: released (6.1.85-1)
5.10-bullseye-security: needed
4.19-buster-security: N/A "Vulnerable code not present"