Wu Fan

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.13.11 **Description** The issue is related to the `assoc array insert into terminal node` function in `lib/assoc array.c`, which mishandles node splitting. This allows local users to cause a denial of service, resulting in a NULL pointer dereference and panic, via a crafted application. The keyring key type, and key addition and link creation operations, can be used to demonstrate this issue. **Recommendations** For Linux kernel versions prior to 4.13.11, update to version 4.13.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the `assoc array insert into terminal node` function until a patch is available.