Linux · Linux Kernel · CVE-2024-36904
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 6.6.37
**Description**
The vulnerability lies in the `tcp_twsk_unique()` function of the Linux kernel's IPv4 TCP implementation. A race condition between threads attempting to reuse a port during a `connect()` call leads to a use-after-free, which can in turn trigger a real use-after-free elsewhere in the kernel, potentially allowing an attacker to impact the confidentiality, integrity, and availability of protected information.
**Recommendations**
To resolve the issue, update the Linux kernel to version 6.6.37 or later. If updating is not possible, consider temporarily disabling the `tcp_twsk_unique()` function or restricting access to the vulnerable module to minimize the risk of exploitation.
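A quick way to triage hosts against the threshold named above is to compare the running kernel's version string with 6.6.37. The script below is an added example, not part of the advisory: it assumes version strings of the form `MAJOR.MINOR.PATCH` with an optional suffix such as `-generic`, and it takes the fixed version from this page.

```shell
#!/bin/sh
# Added example (not from the advisory): heuristic kernel-version check
# against the fixed release named on the page for CVE-2024-36904.

FIXED_VERSION="6.6.37"   # threshold as stated in the advisory

# Split "MAJOR.MINOR.PATCH[-suffix]" into three numbers on one line,
# defaulting any missing field to 0 (so "6.7" becomes "6 7 0").
version_parts() {
    v=${1%%[!0-9.]*}          # drop everything from the first non-digit/non-dot, e.g. "-generic"
    oldifs=$IFS; IFS=.
    set -- $v
    IFS=$oldifs
    printf '%d %d %d\n' "${1:-0}" "${2:-0}" "${3:-0}"
}

# Exit status 0 if version $1 is at or above FIXED_VERSION, 1 otherwise.
kernel_is_fixed() {
    set -- $(version_parts "$1") $(version_parts "$FIXED_VERSION")
    # $1 $2 $3 = candidate version, $4 $5 $6 = fixed version
    if [ "$1" -ne "$4" ]; then [ "$1" -gt "$4" ]; return; fi
    if [ "$2" -ne "$5" ]; then [ "$2" -gt "$5" ]; return; fi
    [ "$3" -ge "$6" ]
}

# Human-readable verdict for a single version string.
check_kernel() {
    if kernel_is_fixed "$1"; then echo "fixed"; else echo "vulnerable"; fi
}

# Check the running kernel when the script is executed directly.
command -v uname >/dev/null 2>&1 && check_kernel "$(uname -r)"
```

A plain version comparison cannot see distribution kernels that carry the fix as a backport under an older version number, and the advisory names only one threshold; treat a "vulnerable" verdict as a prompt to consult your distribution's advisory for this CVE rather than as proof.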