It was found that the data_len parameter of the sock_alloc_send_pskb function in the Linux kernel"s networking implementation was not validated before use. A local user with access to a TUN/TAP virtual interface could use this flaw to crash the system or, potentially, escalate their privileges. Note that unprivileged users cannot access TUN/TAP devices until the root user grants them access