CVE-2024-40985
CVE-2024-40985 concerns the Linux kernel TCP-AO subsystem. The issue is described as: in net/tcp_ao, ao_info could be leaked on error-path, introduced with TCP_AO_CMDF_AO_REQUIRED in patch set version 5. The vulnerability’s root cause is an information leak during error handling in the TCP-AO cod...