The Linux kernel patch for CVE-2024-49940 closes a subtle lifecycle race in the L2TP session/tunnel code that could otherwise lead to a tunnel refcount underflow and attendant kernel instability or denial-of-service; vendors have backported the fix into stable kernels and distributions, and...
