Linux · Linux Kernel · CVE-2024-36281
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 6.6.37
**Description**
A NULL pointer dereference exists in the Linux kernel, specifically in the net/mlx5 module. The `mlx5_modify_header_dealloc` call leads to this dereference, and rules were also leaked because two status-related rules are populated. The vulnerability is resolved by using `mlx5_ipsec_rx_status_destroy` to correctly delete the status rules.
**Recommendations**
To resolve the issue, update the Linux kernel to version 6.6.37 or later. As a temporary workaround, consider disabling the `mlx5_modify_header_dealloc` function until a patch is available. Restrict access to the vulnerable module `net/mlx5` to minimize the risk of exploitation. Avoid using the `rx_create` function with the `modify_hdr` instance until the issue is resolved.