A null-pointer bug tucked inside the Linux kernel’s XFRM (IP transformation) code — specifically in xfrm_update_ae_params() — can be triggered by a local actor with network administration privileges to cause a complete kernel crash and a hard denial-of-service on affected systems; the defect was...
