Manivannan Sadhasivam

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A vulnerability has been resolved in the Linux kernel. The issue is related to the scsi: ufs: core, where the RTC work is not cancelled during ufshcd remove(), leading to a NULL pointer dereference. This occurs because the RTC work accesses the ufshcd internal structures and should be cancelled when ufshcd is removed. The vulnerability can result in a kernel NULL pointer dereference at a virtual address. **Recommendations** To resolve the issue, cancel the RTC work during ufshcd remove(), following the order in ufshcd init(). As a temporary workaround, consider disabling the `ufshcd rtc work` function until a patch is available. Restrict access to the ufshcd internal structures to minimize the risk of exploitation. Avoid triggering the RTC work after ufshcd remove() until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A vulnerability in the Linux kernel has been resolved, specifically in the scsi: ufs: qcom module. The issue occurs when platform MSIs are not freed when ESI is enabled, resulting in a NULL pointer dereference. This can lead to a kernel crash, as shown in the call trace. The vulnerability affects the `mutex lock`, `platform device msi free irqs all`, `ufs qcom remove`, and other functions. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.6.58 **Description** A critical vulnerability in the Linux kernel's PCI keystone component has been fixed. The issue involved the `ks pcie quirk()` function, where an if-statement expression accidentally used `&&` instead of `||`, potentially resulting in a NULL dereference. This fix corrects the if-statement expression to use the correct condition. **Recommendations** For versions prior to 6.6.58, update to version 6.6.58 or later to resolve the issue. As a temporary workaround, consider restricting access to the PCI keystone component until a patch is available.