John Stultz

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A bug in the Linux kernel's KVM (Kernel-based Virtual Machine) implementation allows the guest's DR6 value to be clobbered when the guest modifies DR6 and then a fastpath VM-Exit occurs. This issue primarily affects nested VMX setups, where the window between hardware DR6 being modified and DR6 being read by guest software is larger. The bug can cause the guest's actual DR6 value to be lost. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a lifetime problem in the Linux kernel's locking/ww mutex/test component, where the controlling thread that spawns work allocates "struct stress" structures passed to workqueue threads. When these threads finish, they free the stress struct, which contains the workqueue work struct node. This can lead to the work struct being freed before the work thread returns and while flush workqueue is waiting, causing crashes as mutexes are freed while being used. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the usb: dwc3: core: Do core softreset when switch mode in the Linux kernel. According to the programming guide, to switch mode for DRD controller, the driver needs to follow specific steps. However, steps 1 and 3 are missing when switching from host to device, which can cause a lockup issue, as reported by John Stult with the HiKey960 platform and observed with Ferry's testing platform. The main fixes include adding the missing wait for clocks synchronization before clearing GCTL.CoreSoftReset and only applying DCTL.CSftRst when switching from host to device. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.12-rc4 Description: The issue is related to a buffer overflow in the sound/soc/qcom/sdm845.c soundwire device driver of the Linux kernel. This occurs when an unexpected port ID number is encountered. Exploitation of this issue could allow a remote attacker to gain unauthorized access to protected information. Recommendations: For Linux kernel versions prior to 5.12-rc4, update to version 5.12-rc4 or later to resolve the issue. As a temporary workaround, consider restricting access to the soundwire device driver to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** openSUSE (affected versions not specified) **Description** The issue affects the confidentiality, integrity, and availability of protected information in openSUSE. It can be exploited remotely, leading to a denial of service or other security breaches. The vulnerability is related to multiple packages in openSUSE, including kernel modules and system utilities. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.