Linux · Linux Kernel · CVE-2019-13648
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 5.2.1 on the powerpc platform
**Description**
The issue is a resource management error in the handling of the sigreturn() system call. A local user can cause a denial of service, in the form of a TM Bad Thing exception and a system crash, by passing a crafted signal frame to the sigreturn() system call. The affected code is in the arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c files.
**Recommendations**
For Linux kernel versions prior to 5.2.1 on the powerpc platform:
- As a temporary workaround, consider restricting the use of the sigreturn() system call until a patch is available.
- Avoid using the sigreturn() system call with crafted signal frames to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
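
To check whether a host falls inside the affected range stated above (powerpc, kernel prior to 5.2.1), the following added example, which is not part of the original advisory, compares the machine type and kernel release. The function names `is_powerpc`, `kernel_before_5_2_1` and `assess` and the verdict strings are hypothetical choices for this sketch.

```shell
#!/bin/sh
# Added example: first-pass exposure triage for CVE-2019-13648.
# Range from the advisory: Linux kernel prior to 5.2.1, powerpc only.
# Distribution kernels can carry backported fixes under an older version
# string, so confirm an in-range result against the vendor's advisory.

# is_powerpc ARCH: succeeds for powerpc machine names as printed by `uname -m`.
is_powerpc() {
    case "$1" in
        ppc*) return 0 ;;
        *)    return 1 ;;
    esac
}

# kernel_before_5_2_1 RELEASE: 0 = below 5.2.1, 1 = 5.2.1 or later, 2 = unparseable.
kernel_before_5_2_1() {
    rel=${1%%[-+]*}                      # 4.19.0-5-powerpc64le -> 4.19.0
    case "$rel" in
        ''|.*|*[!0-9.]*) return 2 ;;     # must start with a digit; digits and dots only
    esac
    old_ifs=$IFS; IFS=.
    set -- $rel                          # split into major minor patch
    IFS=$old_ifs
    major=${1:-0}; minor=${2:-0}; patch=${3:-0}
    [ "$major" -lt 5 ] && return 0
    [ "$major" -gt 5 ] && return 1
    [ "$minor" -lt 2 ] && return 0
    [ "$minor" -gt 2 ] && return 1
    [ "$patch" -lt 1 ]
}

# assess ARCH RELEASE: prints one verdict word for the host described.
assess() {
    is_powerpc "$1" || { echo "not-applicable"; return 0; }
    rc=0
    kernel_before_5_2_1 "$2" || rc=$?
    case "$rc" in
        0) echo "in-affected-range" ;;
        1) echo "outside-affected-range" ;;
        *) echo "unknown" ;;
    esac
}

# Evaluate the local host.
assess "$(uname -m)" "$(uname -r)"
```

For fleet triage, call `assess` with the architecture and release strings collected from each host's inventory record instead of the local `uname` output.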