Debdeep Mukhopadhyay

**Name of the Vulnerable Software and Affected Versions** TrustedFirmware Open Portable Trusted Execution Environment (OP-TEE) versions prior to 3.20 **Description** The issue is related to an unprotected memory-access operation in optee os, allowing a physically proximate adversary to bypass signature verification. This can lead to the installation of malicious trusted applications via electromagnetic fault injections. **Recommendations** For versions prior to 3.20, update to version 3.20 or later to resolve the issue. As a temporary workaround, consider implementing additional security measures to prevent electromagnetic fault injections, such as using a Faraday cage or other shielding methods to protect the device. Restrict physical access to the device to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 5.15.62 **Description** A null pointer dereference issue was discovered in the fs/io uring.c file in the Linux kernel. This issue could allow a local user to crash the system or potentially cause a denial of service. The exploitation of this issue may result in a disruption of service. **Recommendations** For Linux kernel versions prior to 5.15.62, update to version 5.15.62 or later to resolve the issue. As a temporary workaround, consider restricting access to the fs/io uring.c component to minimize the risk of exploitation.