Alexander

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.19.0-rc2-lgci-xe-kernel+ #225 **Description** The Linux kernel contains a flaw in the drm/xe/nvm subsystem that can lead to a double-free condition during auxiliary device initialization failure. Specifically, a memory region is freed twice – once during successful initialization and again during uninitialization when auxiliary device addition fails. This can result in system instability and potentially lead to a kernel panic, as demonstrated by a KASAN report. The issue is triggered when `auxiliary device init()` succeeds, but `auxiliary device add()` fails. The fix involves moving the `kfree(nvm)` call into the failure path of `auxiliary device init()` to prevent the double-free. **Recommendations** Update to a version of the Linux kernel newer than 6.19.0-rc2-lgci-xe-kernel+ #225.

**Name of the Vulnerable Software and Affected Versions** grub2 (affected versions not specified) **Description** A flaw in the grub2-set-bootflag utility of grub2 can lead to a denial of service. The issue arises when the program creates a temporary file with new grubenv content and is killed before renaming it to the original grubenv file, resulting in the temporary file not being removed. This can cause the filesystem to fill up with temporary files when the utility is invoked multiple times, leading to a filesystem out of free inodes or blocks. The vulnerability is related to incomplete cleanup of temporary or auxiliary resources. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Huawei Mate 9 Pro versions earlier than 8.0.0.361(C636) **Description** The issue is caused by a lack of input validation, leading to an information leak. An attacker can trick a user with root privilege into installing an application that can read process information, potentially causing a sensitive information leak. **Recommendations** For versions earlier than 8.0.0.361(C636), update to version 8.0.0.361(C636) or later to resolve the issue.