Balazs Scheidler

**Name of the Vulnerable Software and Affected Versions** Debian GNU/Linux kernel versions 2.4.27 (affected versions not specified) **Description** The issue is related to multiple vulnerabilities in the Debian GNU/Linux kernel, which can lead to a disruption of protected information. These vulnerabilities can be exploited remotely. Specifically, an array index overflow in the xfrm sk policy insert function in xfrm user.c in Linux kernel 2.6 allows local users to cause a denial of service and possibly execute arbitrary code via a p->dir value that is larger than XFRM POLICY OUT. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.