Li Rongqing

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue arises in CoCo VMs where an untrusted host can cause `set memory decrypted()` to fail, leading to shared memory. To prevent functional or security issues, callers must handle these errors to avoid returning decrypted memory to the page allocator. When `set memory decrypted()` fails, the decrypted memory is leaked, and an error is not printed because `set memory decrypted()` calls `WARN ONCE()`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a possible Use-After-Free in the irq process work list function of the dmaengine: idxd driver in the Linux kernel. This occurs due to a race condition when the descriptor is freed via idxd desc complete() and reused by another thread without being deleted from the list, potentially causing issues for the list iterator. The vulnerability may allow an attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.