Li Nan

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A deadlock vulnerability has been resolved in the Linux kernel. The issue occurs when the kernel is being suspended while a flush bio is in progress, causing a complex deadlock scenario. The root cause is the non-atomic increment and decrement of `active io` during the flush process. To fix the issue, the kernel now ensures that `active io` is only incremented and decremented once during the entire flush process. Additionally, a WARN ON has been added to prevent future modifications from introducing issues. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to an overflow in the `blk ioctl discard()` function when the `start + len` parameter exceeds the maximum allowed value. This can cause a hung task if a discard ioctl is submitted with specific parameters, such as `start = 0x80000000000ff000` and `len = 0x8000000000fff000`. The problem has been resolved by adding overflow validation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A vulnerability has been resolved in the Linux kernel, where a memory leak occurs when `kobject add()` fails in `bind rdev to array()`, causing `rdev->serial` to be allocated but not freed. This results in a kmemleak. The issue is related to the `md` module and involves the `bind rdev to array()` function. The vulnerability can be exploited through the `md ioctl()` function, which is used to interact with the `md` module. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.