Dave Airlie

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 5.10.81 **Description** A vulnerability in the Linux kernel has been resolved, specifically in the drm/amdgpu/cs module. The issue occurs when a command with 0 chunks is submitted, causing a kernel NULL pointer dereference. This can lead to an oops later, found when trying to execute the wrong userspace driver. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited. **Recommendations** For Linux kernel version 5.10.81 and earlier, update to a newer version to mitigate the risk. As a temporary workaround, consider disabling the `amdgpu cs ioctl` function until a patch is available. Restrict access to the vulnerable module `drm` to minimize the risk of exploitation. Avoid using the `MESA LOADER DRIVER OVERRIDE` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.8.0-rc6+ **Description** The vulnerability is related to the nouveau driver in the Linux kernel. It appears that the client object tree has no locking, which can cause races around adding or removing client objects, mostly related to vram bar mappings. This can lead to a general protection fault. The issue is resolved by locking the client object tree. **Recommendations** To resolve the issue, update the Linux kernel to a version that includes the fix for the vulnerability. Specifically, update to a version later than 6.8.0-rc6+. As a temporary workaround, consider disabling the `nvkm object search` function until a patch is available. Restrict access to the vulnerable module `nouveau` to minimize the risk of exploitation. Avoid using the `nvif object map handle` and `nouveau ttm io mem reserve` functions in the affected API endpoints until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** pam smb versions 1.1.6 and earlier **Description** The issue allows remote attackers to execute arbitrary code when authenticating to a remote service due to a buffer overflow in the PAM SMB module. Exploitation of this issue can lead to disruption of confidentiality, integrity, and availability of protected information. The exploitation can be carried out remotely. **Recommendations** For versions 1.1.6 and earlier, update to a version later than 1.1.6 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.