John Fastabend

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A vulnerability in the Linux kernel has been resolved. The issue is related to the protection check for psock vs ULP. The `inet csk has ulp(sk)` check was moved from `sk psock init()` to the new `tcp bpf update proto()` function, potentially allowing the creation of psocks for non-inet sockets. However, the destruction path for psock includes the ULP unwind, requiring the `sk psock init()` to fail if ULP is already present. Otherwise, it may result in the ULP looping its callbacks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A potential memory leak has been identified in the Linux kernel, specifically in the bpf and sockmap components. The issue arises when the `skb linearize` function is needed but fails, potentially leading to a memory leak during error handling. To address this, the fix ensures that the msg block is freed using `kfree` before returning an error. This issue was discovered during a code review. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.