In P2P mode, when parsing frames, the check of the size of one of the parameters is skipped, which allows to achieve recording beyond the buffer boundary. Therefore, malicious code execution in the kernel can occur when specially crafted frames are sent.
An exploit has already been published that causes a remote crash of the Linux kernel. In many distributions, the problem still remains unresolved.
Source: linux.org.ru