Mathieu Desnoyers

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The vulnerability is related to the `sys membarrier` function in the Linux kernel's `membarrier` component. It can cause a denial of service due to uncontrolled resource consumption. On some systems, `sys membarrier` can be very expensive, leading to overall slowdowns. To prevent this, a lock has been put on the path to serialize accesses and prevent the function from being called at too high a frequency. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.1 **Description** The issue allows local users to cause a denial of service, resulting in a system crash, via crafted use of the sendmmsg system call. This is due to an incorrect pointer dereference in the sys sendmsg function in net/socket.c. **Recommendations** For Linux kernel versions prior to 3.1, update to version 3.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of the sendmmsg system call to minimize the risk of exploitation.