David Laight

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** An integer overflow flaw was found in the Linux kernel, leading to the kernel allocating `skb shared info` in the userspace. This issue is exploitable in systems without SMAP protection since `skb shared info` contains references to function pointers. The vulnerability can be exploited locally, allowing an attacker to potentially execute code at the kernel level by manipulating network sockets in userspace. The issue can be mitigated by enabling the SMAP protection mechanism in the kernel. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to an integer overflow in the `access ok()` function, which is used to check user access. Specifically, three architectures do not account for a possible overflow when checking the end of a user access against the address limit. This can lead to incorrect results when passing a negative length or another overflow. The problem arises from the lack of proper overflow handling, which can cause the function to return success when it should not. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.