Jerry Snitselaar

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.9.0-0.rc7.58.eln136.aarch64 **Description** The vulnerability is related to the iommu/arm-smmu component in the Linux kernel. It was caused by a function pointer indirection issue in the `nvidia smmu context fault()` function, which is also installed as an IRQ function. The 'void *' was changed to a `struct arm smmu domain`, but since the `iommu domain` is embedded at a non-zero offset, this causes `nvidia smmu context fault()` to miscompute the offset. The issue results in a kernel NULL pointer dereference at a virtual address. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A vulnerability has been resolved in the Linux kernel, specifically in the crypto: iaa component. The issue occurs when `nr cpus` is less than `nr iaa`, causing the calculated `cpus per iaa` to be 0, which leads to a divide-by-0 error in the `rebalance wq table()` function. To fix this, `cpus per iaa` is set to 1 in such cases, as well as when `nr iaa` equals 0, for added security. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.