Kim Phillips

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.9.0-rc1+ #29 **Description** A null pointer dereference vulnerability has been resolved in the Linux kernel. The issue is induced by DEBUG TEST DRIVER REMOVE and occurs when the psp device or sev device structs are not initialized. This results in a kernel NULL pointer dereference. The vulnerability is related to the crypto: ccp module, specifically in the sev snp shutdown locked function. **Recommendations** To resolve this issue, update the Linux kernel to a version that includes the fix for this vulnerability. Specifically, for versions prior to 6.9.0-rc1+ #29, update to 6.9.0-rc1+ #29 or later. As a temporary workaround, consider disabling the sev snp shutdown locked function until a patch is available. However, this may have unintended consequences and should be approached with caution.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.8.0-rc1+ #311 **Description** The vulnerability is related to a null pointer dereference in the ` sev platform shutdown locked` function. This issue can be triggered when the SEV platform device is shut down with a null `psp master`, for example, using `DEBUG TEST DRIVER REMOVE`. The vulnerability was found using KASAN (Kernel Address Sanitizer). Technical details about exploitation include: - **Function Name:** ` sev platform shutdown locked` - **Vulnerable Parameter or Variable:** `psp master` **Recommendations** To resolve this issue, update the Linux kernel to a version that includes the fix for the null pointer dereference in ` sev platform shutdown locked`. Specifically, versions 6.8.0-rc1+ #311 and later should include this fix. As a temporary workaround, consider disabling the ` sev platform shutdown locked` function until a patch is available. However, this may have unintended consequences on system functionality and should be approached with caution. For versions prior to the fixed version, there is no information about a newer version that contains a fix for this vulnerability.