Linux · Linux Kernel · CVE-2022-3028
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to `xfrm_probe_algs` occur simultaneously. This flaw could allow a local attacker to trigger an out-of-bounds write, or to leak kernel heap memory by performing an out-of-bounds read and copying the data into a socket. The vulnerability may also allow an attacker to execute arbitrary code, cause a denial of service, or have other impacts on the system.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.