CVE-2018-25062

Name of the Vulnerable Software and Affected Versions flar2 ElementalX versions up to 6.x

Description A problematic vulnerability has been found, affecting the function xfrm dump policy done of the file net/xfrm/xfrm user.c of the component ipsec. The manipulation leads to denial of service.

Recommendations For flar2 ElementalX versions up to 6.x, upgrade to version 7.00 to address this issue. As a temporary workaround, consider disabling the xfrm dump policy done function until the patch is applied. Restrict access to the ipsec component to minimize the risk of exploitation.