A flaw was found in the way the NFP4000/NFP6000 TC Flower offload functionality in the Linux kernel handled memory cleanup on failures. This flaw allows an attacker to cause a denial of service and crash the system.
To mitigate this issue, prevent module nfp from being loaded. Please see <https://access.redhat.com/solutions/41278> for how to blacklist a kernel module to prevent it from loading automatically.