Disha Goel

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A race condition in the Linux kernel's quota management has been resolved. The issue occurs when the quota writeback is called from the `freeze super()` path, which does not always flush the `quota release work` queue. This can lead to a situation where the kernel tries to flush the workqueue while the filesystem is frozen, resulting in a `WARN ON` warning. The issue was detected on a PowerPC machine with 15 cores and can cause generic/390 to fail due to dmesg noise. **Recommendations** To avoid this issue, make sure to flush the `quota release work` queue during `dquot writeback dquots()` to prevent any pending workitems after freeze. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue concerns the Linux kernel, specifically the powerpc/mm/fault component, where a problem with kfence page fault reporting has been resolved. The `copy from kernel nofault()` function can be called when reading from `/proc/kcore`, which may contain unmapped kfence objects, leading to page faults. To handle such faults, the fixup table defined by the ` nofault()` functions is used instead of relying on kfence. This can be triggered by attempting to read from `/proc/kcore`, for example, using the command `dd if=/proc/kcore of=/dev/null bs=1M`. The issue involves the `copy from kernel nofault()` function and the `/proc/kcore` endpoint. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.