David Gibson

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 5.2 **Description** The issue is related to errors in saving and restoring the state of register masks for power save functionality, specifically PNV POWERSAVE AMR, PNV POWERSAVE UAMOR, and PNV POWERSAVE AMOR, in the Linux kernel on the powerpc platform. This could allow an attacker to cause a denial of service. **Recommendations** For Linux kernel versions prior to 5.2, update to version 5.2 or later to resolve the issue. As a temporary workaround, consider disabling the idle book3s functionality until a patch is available. Restrict access to the affected arch/powerpc/kernel/idle book3s.S file to minimize the risk of exploitation. Avoid using the `PNV POWERSAVE AMR`, `PNV POWERSAVE UAMOR`, and `PNV POWERSAVE AMOR` registers in the affected kernel functionality until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.13.11 **Description** The issue allows local users to cause a denial of service, resulting in a system crash due to a NULL pointer dereference. This can be achieved by making a KVM CHECK EXTENSION KVM CAP PPC HTM ioctl call to the `/dev/kvm` API endpoint. **Recommendations** For Linux kernel versions prior to 4.13.11, update to version 4.13.11 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Red Hat Enterprise Virtualization versions 3 and 3.2 **Description** The issue allows privileged guest users to cause the host to become unavailable to the management server by sending a guest agent response containing invalid XML characters. This is due to an incomplete fix for a previous issue. **Recommendations** For Red Hat Enterprise Virtualization versions 3 and 3.2, consider restricting guest user privileges to minimize the risk of exploitation until a complete fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.