Alexander Stein

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A deadlock occurs in the ASoC fsl xcvr component due to an improper locking mechanism in the `fsl xcvr mode put()` function. The issue arises when the function attempts to acquire the `card->controls rwsem` lock while the upper ALSA core function `snd ctl elem write()` already holds the write lock on the same semaphore for the duration of the operation. Attempting to acquire a read lock while holding a write lock in the same thread leads to a hung task. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The issue is related to a NULL pointer dereference in the mxsfb component of the Linux kernel. This could allow an attacker to cause a denial of service. The `drm atomic get new bridge state` function is allowed to return a NULL pointer, which `mxsfb` should not dereference. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the Linux kernel, where the `struct v4l2 async notifier` has several `list head` members, but only `waiting list` and `done list` are initialized. The `notifier entry` is kept 'zeroed', leading to an uninitialized `list head`. This results in a NULL-pointer dereference if `csi2 async register()` fails, for example, when the node for the remote endpoint is disabled, and returns `-ENOTCONN`. The following calls to `v4l2 async nf unregister()` result in a NULL pointer dereference. The fix involves adding the missing list head initializer. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.