Arnd Bergmann

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The issue is related to a null pointer dereference bug in the Linux kernel, specifically in the wifi: brcmfmac: pcie component. This bug occurs when the physical memory runs out, causing the kzalloc() function in brcmf pcie download fw nvram() to return null. As a result, using get random bytes() to generate random bytes in the randbuf can lead to a null pointer dereference. To prevent allocation failure, a separate function has been added to use a buffer on the kernel stack to generate random bytes in the randbuf, which can prevent the kernel stack from overflowing. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.11.3 Description: An issue was discovered in the Linux kernel when a webcam device exists, related to a memory leak in the `video usercopy` function in `drivers/media/v4l2-core/v4l2-ioctl.c` for large arguments. This can lead to a denial of service. Recommendations: For Linux kernel versions prior to 5.11.3, update to version 5.11.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the `video usercopy` function in `drivers/media/v4l2-core/v4l2-ioctl.c` to minimize the risk of exploitation.