Friedrich Weber

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to an infinite loop in the `skb tx hash` function when a device is unregistering, causing a lockup. This occurs because some devices, like `net/dummy`, may still report a carrier status of OK while unregistering. The problem is fixed by checking both the carrier status and the running state of the device. The running state is handled by the net core during unregistering, making it a more reliable check. The estimated number of potentially affected devices is not provided, and there is no information about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the incorrect initialization of the `queuelist` in the Linux kernel's block component, specifically in the `blk-flush` functionality. This can lead to a kernel crash when the `list move tail` function is used on an uninitialized `queuelist`. The problem arises because the `queuelist` is not initialized for the first request in the `PREFLUSH` and `POSTFLUSH` sequences. To fix this, the code has been changed to use `list add tail` instead of `list move tail`, which eliminates the need for the `queuelist` to be initialized. Additionally, a `list del init` function has been added to the flush request callback to handle cases where the dm layer submits requests with an invalid format, which could cause double `list add` issues. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.