Jianglei Nie

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A potential memory leak in the ima init crypto() function has been identified. When the allocation of the SHA1 tfm fails, IMA fails to initialize and exits without freeing the `ima algo array`, leading to a memory leak. The issue is resolved by adding a missing `kfree()` for `ima algo array`. **Recommendations** For the affected Linux kernel versions, consider applying the patch that adds the missing `kfree()` for `ima algo array` to avoid the potential memory leak. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A memory leak issue has been identified in the Linux kernel, specifically in the `sfp probe()` function. This function allocates memory using `sfp alloc()`, but when `devm add action()` fails, the allocated memory is not freed, resulting in a memory leak. The issue can be resolved by using `devm add action or reset()` instead of `devm add action()`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions up to 5.19.9 **Description** The issue is related to a use-after-free vulnerability in the `adev release()` function in the Linux kernel's Platform Environment Control Interface (PECI) driver. This vulnerability occurs when `auxiliary device add()` returns an error, causing `auxiliary device uninit()` to be called, which decrements the refcount for the device and triggers the `.release` callback. As `adev release()` re-calls `auxiliary device uninit()`, it leads to a use-after-free condition. The vulnerability may allow an attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** - For Linux kernel versions up to 5.19.9, patch to the latest kernel version to resolve the issue. - Identify affected systems and monitor for exploit attempts. - As a temporary workaround, consider restricting access to the vulnerable `adev release()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a use after free vulnerability in the arc emac component of the Linux kernel. This vulnerability may allow an attacker to impact the confidentiality, integrity, and availability of data. The vulnerability occurs when `bus->state` is equal to `MDIOBUS ALLOCATED`, and `mdiobus free(bus)` frees the "bus", but `bus->name` is still used in the next line, leading to a use after free. The `arc mdio probe()` function is specifically affected. To fix this, the name can be put in a local variable, and `bus->name` can be made to point to the rodata section "name", then use the name in the error message without referring to `bus` to avoid the use after free. **Recommendations** As a temporary workaround, consider disabling the `arc mdio probe()` function until a patch is available. Restrict access to the vulnerable `arc emac` component to minimize the risk of exploitation. Avoid using the `bus->name` variable in the affected code until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A use after free issue has been identified in the Linux kernel, specifically in the crypto subsystem, ccree module. The problem arises when `kfree sensitive(ctx p->user.key)` frees the `ctx p->user.key`, but this key is still used afterwards, leading to a use after free condition. This can be mitigated by calling `kfree sensitive()` after `dev dbg()` to avoid the use after free. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A use after free issue has been identified in the Linux kernel, specifically in the `fc exch abts resp()` function. The `fc exch release(ep)` call decreases the reference count of `ep`, and when this count reaches zero, `ep` is freed. However, `ep` is still used in subsequent code, leading to a use after free condition. This issue is resolved by returning after the `fc exch release()` call to prevent the use after free. **Recommendations** To resolve this issue, update the Linux kernel to a version that includes the fix for the use after free in `fc exch abts resp()`. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a memory leak in the ` add inode ref()` function. Specifically, when the function returns in line 1184, the `victim name` allocated by `kmalloc()` in line 1169 is not freed, leading to a memory leak. This is similar to another part of the function where a memory chunk for `victim name` is allocated in line 1104 and released in line 1116. The fix involves calling `kfree()` on `victim name` when the return value of `backref in log()` is less than zero and before the function returns in line 1184. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A memory leak issue has been resolved in the Linux kernel. The problem occurs when the `nfp cpp area alloc()` function allocates and initializes a CPP area structure, but this structure is not freed when the cache allocation fails. This results in a memory leak. The issue can be fixed by freeing the CPP area when the cache allocation fails. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.