D. Wythe

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.6.74 **Description** The issue concerns the Linux kernel, specifically the net/smc component. When receiving a proposal message in the server, the fields `iparea offset` and `ipv6 prefixes cnt` from the remote client are not fully trusted. If the `iparea offset` exceeds its maximum value, it may lead to accessing the wrong address, potentially causing a crash. The patch addresses this by checking `iparea offset` and `ipv6 prefixes cnt` before using them. **Recommendations** For versions prior to 6.6.74, update to version 6.6.74 or later to resolve the issue. As a temporary workaround, consider restricting access to the net/smc component until the patch is applied.