A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.
https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/