xfrm

The xfrm tag on WindowsForum.com covers discussions about the Linux kernel's XFRM (IP transformation) subsystem, particularly security vulnerabilities and patches. One highlighted thread addresses CVE-2023-3772, a null-pointer bug in xfrm_update_ae_params() that allows a local attacker with CAP_NET_ADMIN privileges to crash the kernel. The thread provides details on the vulnerability, its impact, and available patches from upstream and distribution kernels. This tag is relevant for system administrators and security professionals managing Linux systems with network namespace capabilities or untrusted workloads.