Lin Ming

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.4.8 **Description** The issue allows local users to cause a denial of service, resulting in a system crash due to a NULL pointer dereference. This is achieved through an IPOPT CIPSO IP OPTIONS setsockopt system call. The `cipso v4 validate` function in `net/ipv4/cipso ipv4.c` is the vulnerable component. **Recommendations** For Linux kernel versions prior to 3.4.8, update to version 3.4.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the `setsockopt` system call to minimize the risk of exploitation.