Jan Jablonsky

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the incorrect use of a list iterator in the fastrpc req mem unmap impl function. The list iterator value 'map' is always set and non-NULL by list for each entry(), making it incorrect to assume it will be NULL if the list is empty. This leads to a kernel crash with a trace indicating an inability to handle kernel access to user memory outside uaccess routines. The crash occurs in the fastrpc map create function, which is called by fastrpc req mem map, fastrpc device ioctl, and ultimately by the arm64 sys ioctl system call. **Recommendations** To fix the bug, use a new variable 'iter' as the list iterator, while using the original variable 'map' as a dedicated pointer to point to the found element. At the moment, there is no information about a newer version that contains a fix for this vulnerability.