Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the connection tracking label management of the Linux kernel's Open vSwitch (OVS) component has been addressed. The function 'ovs_ct_set_labels()' was only applied to confirmed connection tracking entries within 'ovs_ct_commit()'. If such a confirmed entry lacked the 'labels_ext' extension, attempting to allocate it in 'ovs_ct_get_conn_labels()' would trigger a warning. This happens when the entry was created externally before OVS updated the label count. The problem became more prevalent after a previous commit changed the label counting method, leading to potential disruptions in existing use cases. To mitigate this, the problematic commit was reverted, restoring the previous behavior and preventing the issue from affecting current operations.
The reversion of the commit prevents the warning and potential issues caused by the label counting change, ensuring that connection tracking entries can be managed without disruption.
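The ordering problem described above can be reproduced in a small user-space model. This is an added example, not kernel code or code from this page: every name in it is hypothetical, and it assumes that the labels extension is attached at entry creation only when the label count is already non-zero, and that the reverted change raised that count later than the restored behavior does.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified user-space model; all names are hypothetical, not kernel symbols. */
struct net_model  { int labels_used; };            /* label count for the namespace */
struct conn_model { bool confirmed, has_labels_ext; };
static int warnings;                               /* number of modelled warnings */

/* Entry creation: the labels extension is attached only if labels are in use. */
static struct conn_model conn_create(const struct net_model *net)
{
    struct conn_model ct = { .confirmed = false,
                             .has_labels_ext = net->labels_used > 0 };
    return ct;
}

/* An extension may only be added before the entry is confirmed. */
static bool labels_ext_add(struct conn_model *ct)
{
    if (ct->confirmed) { warnings++; return false; }
    ct->has_labels_ext = true;
    return true;
}

/* Commit path: labels are set on an entry that is already confirmed. */
static bool commit_set_labels(struct conn_model *ct)
{
    return ct->has_labels_ext || labels_ext_add(ct);
}

/* late_count = true : count raised after the entry exists (assumed reverted behavior)
 * late_count = false: count raised before any entry exists (assumed restored behavior) */
static int run_scenario(bool late_count)
{
    struct net_model net = { 0 };
    warnings = 0;
    if (!late_count) net.labels_used++;
    struct conn_model ct = conn_create(&net);      /* entry created outside OVS */
    ct.confirmed = true;                           /* and confirmed there */
    if (late_count) net.labels_used++;
    (void)commit_set_labels(&ct);
    return warnings;
}

int main(void)
{
    printf("late counting:  %d warning(s)\n", run_scenario(true));
    printf("early counting: %d warning(s)\n", run_scenario(false));
    return 0;
}
```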