A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system.
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | * | 6.6 (excluding) |
Linux_kernel | Linux | 6.6-rc1 (including) | 6.6-rc1 (including) |
Linux_kernel | Linux | 6.6-rc2 (including) | 6.6-rc2 (including) |