Robert Hancock

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.10.3 **Description** The issue is related to the bridge multicast implementation in the Linux kernel, which does not properly check if a certain timer is armed before modifying its timeout value. This can be exploited by local users to cause a denial of service, resulting in a system crash, particularly when shutting down a KVM virtual machine. The problem is associated with the net/bridge/br mdb.c and net/bridge/br multicast.c files. **Recommendations** For Linux kernel versions prior to 3.10.3, update to version 3.10.3 or later to resolve the issue.