Christian König

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A refcount underflow issue has been resolved in the Linux kernel. The issue occurs when `nouveau bo ref()` is called on a `nouveau bo` without initializing it, leading to a refcount underflow. To fix this, the code now cleans up manually instead of calling `nouveau bo ref()` in the unwind path of `drm gem object init()`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The issue is related to the use of an uninitialized value `*size` when calling `amdgpu vce cs reloc` in the `drm/amdgpu` module. This could potentially impact the confidentiality, integrity, and availability of protected information. The problem can be addressed by initializing the `size` before calling `amdgpu vce cs reloc`, such as in the case `0x03000001`. To improve handling, a separate value of `0xffffffff` would be needed. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the `drm/buddy` component of the Linux kernel, specifically with the `alloc range()` function. This function was returning `SUCCESS` in certain corner cases when it couldn't find the required memory blocks, leading to display corruption when booting to KDE Plasma or playing games. The correct approach is for the function to return `-ENOSPC` when the total allocated size is less than the required size. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the `drm sched entity kill jobs()` function in the Linux kernel, which can cause data corruptions due to a buffer overflow. This can potentially allow a remote attacker to impact the confidentiality and availability of protected information. The problem occurs when a job is killed before all its dependencies are completed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.