Andrey Grodzovsky

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue arises when a PCI error state `pci channel io normal` is detected, leading to a report of `PCI ERS RESULT CAN RECOVER` status to the PCI driver. This causes the PCI driver to continue executing the PCI resume callback `report resume` by `pci walk bridge`, which then goes into `amdgpu pci resume`. Here, a write lock is released unconditionally without being acquired first, resulting in a deadlock when other threads attempt to acquire the read lock. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited. Technical details about exploitation include: - The `amdgpu pci resume` function is involved in the issue. - The `pci channel state` is cached in the `amdgpu device` structure to handle the case of `pci channel io frozen`. - The `pci walk bridge` and `report resume` callbacks are part of the execution flow leading to the deadlock. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the `drm sched entity kill jobs()` function in the Linux kernel, which can cause data corruptions due to a buffer overflow. This can potentially allow a remote attacker to impact the confidentiality and availability of protected information. The problem occurs when a job is killed before all its dependencies are completed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.