
Luo Qiu

#45371 of 53,633
5.5 Total CVSS
Vulnerabilities · 1
PT-2024-10014
5.5
2024-11-01
Linux · Linux Kernel · CVE-2024-53157
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 4.19.90+

**Description**
The issue is a null pointer dereference in the Linux kernel's firmware driver for ARM SCPI. It causes a kernel crash when the SCPI firmware returns an OPP count of zero. The `dvfs_info.opp_count` may be zero on some platforms during the reboot test, and the kernel crashes after dereferencing the pointer returned by `kcalloc(info->count, sizeof(*opp), GFP_KERNEL)`. The vulnerability can be exploited to cause a denial of service.

**Recommendations**
To resolve the issue, update the Linux kernel to a version that includes the fix for this vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.