An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in _xfrmpolicyunlink, which will cause denial of service, because verifynewpolicyinfo in net/xfrm/xfrmuser.c mishandles directory validation.
{ "urgency": "not yet assigned" }