Maxime Ripard

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A issue in the Linux kernel has been identified where a NULL pointer dereference can occur when calling clk hw get clk() on a clk hw struct with a NULL device pointer. This happens because the dev field in a registered clk core structure can be NULL, as seen in the usage of clk register and clk hw register with a NULL device pointer. The core of clk hw register() function also passes a NULL device pointer. A test has been added to handle this case, using NULL as the dev id if the device pointer is NULL. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The issue is related to a use-after-free vulnerability in the Linux kernel's kms component. It occurs because a pointer is not cleared after use, which can lead to a stale pointer being copied to a new state. This can cause a denial of service. The vulnerability is related to the `drm crtc commit put` function and the `drm/vc4` module. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the Linux kernel's HDMI component, specifically with the unregistering of the codec device when unbinding. This can lead to a device leakage. On bind, the HDMI codec device is registered, but it is not unregistered on unbind. The exploitation of this issue may allow an attacker to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.