Guanghui Feng

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The issue is related to a use-after-free vulnerability in the `uio open` function of the Linux kernel. This vulnerability occurs due to a race condition between two cores, `core-1` and `core-2`, where `core-1` frees the `idev` memory after unregistering the device, but before `core-2` can access it, resulting in a use-after-free condition. Additionally, when `core-2` releases the device and puts it, the `idev` will be double-freed. The vulnerability can be addressed by getting the `idev` atomic and incrementing its reference with `minor lock`. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a softlockup in the Linux kernel's tty buffer component, specifically in the `flush to ldisc` function. This occurs when the sender and workqueue are running on different cores, and the sender sends data rapidly, causing the workqueue to loop indefinitely and resulting in a softlockup. The problem is resolved by adding `need resched` check and `cond resched` in the `flush to ldisc` loop. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.