Chengming Zhou

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue arises from the Linux kernel's slab allocator, specifically when handling single object freeing separately from bulk object freeing. If `init on free` is set, the `slab free hook()` function zeroes the object, and with `slub debug=F` and `CONFIG SLAB FREELIST HARDENED` set, the `do slab free()` slowpath executes freelist consistency checks. This can lead to a "Freepointer corrupt" detection in `check object()` due to the decoding of a zeroed freepointer. The vulnerability can be reproduced by setting specific debug and configuration options on a kernel build with `CONFIG SLAB FREELIST HARDENED=y`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the cachestat component in the Linux kernel, which can cause errors when racing with swapping and invalidation. There are two possible bugs: a swapin error can result in a poisoned swap entry, leading to an out-of-bounds access, and a valid swap entry might not exist yet, sending a NULL to workingset test recent() and potentially resulting in a false "recently evicted" count. This could lead to code clarity issues and potentially affect the robustness of the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.