Linux · Linux Kernel · CVE-2024-42085
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
A deadlock occurs in the Linux kernel when the `CONFIG_USB_DWC3_DUAL_ROLE` configuration is selected and the system is triggered to enter suspend with the command `echo mem > /sys/power/state`. The issue is exposed by a commit that removes the code checking whether `dwc->gadget_driver` is NULL or not, causing a deadlock when trying to get the spinlock. The root cause is another commit that forgot to remove the lock of otg mode during gadget suspend/resume. The detailed invoking path involves the functions `dwc3_suspend_common()`, `dwc3_gadget_suspend(dwc)`, and `dwc3_gadget_soft_disconnect(dwc)`, with `spin_lock_irqsave(&dwc->lock, flags)` being called twice, leading to the deadlock.
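The call path described above, as a userspace C model added here for illustration and not taken from the kernel source. The `model_*` names, the struct, and the `-EDEADLK` return (standing in for a CPU that would spin forever) are assumptions, as is the placement of the `gadget_driver` check inside gadget suspend.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

/* Userspace model of struct dwc3; lock_held stands in for dwc->lock. */
struct model_dwc { bool lock_held, gadget_driver, connected; };

/* Models dwc3_gadget_soft_disconnect(), which takes dwc->lock itself. The
 * lock is non-recursive: a second acquire spins forever in the kernel, so
 * the model returns -EDEADLK instead of hanging. */
static int model_soft_disconnect(struct model_dwc *dwc)
{
    if (dwc->lock_held)
        return -EDEADLK;
    dwc->lock_held = true;   /* spin_lock_irqsave(&dwc->lock, flags) */
    dwc->connected = false;
    dwc->lock_held = false;  /* spin_unlock_irqrestore(&dwc->lock, flags) */
    return 0;
}

/* Models dwc3_gadget_suspend(). null_check=true keeps the early return on a
 * NULL gadget driver (placement assumed) that kept the deadlock hidden. */
static int model_gadget_suspend(struct model_dwc *dwc, bool null_check)
{
    if (null_check && !dwc->gadget_driver)
        return 0;
    return model_soft_disconnect(dwc);
}

/* Models the OTG path of dwc3_suspend_common(). caller_locks=true keeps the
 * lock around gadget suspend; caller_locks=false removes it. */
static int model_suspend_common(struct model_dwc *dwc, bool caller_locks, bool null_check)
{
    int ret;
    if (caller_locks)
        dwc->lock_held = true;   /* first spin_lock_irqsave() */
    ret = model_gadget_suspend(dwc, null_check);
    if (caller_locks)
        dwc->lock_held = false;
    return ret;
}

int main(void)
{
    struct model_dwc a = { .connected = true }, b = a, c = a;
    printf("check present, no driver: %d\n", model_suspend_common(&a, true, true));
    printf("check removed: %d\n", model_suspend_common(&b, true, false));
    printf("caller lock removed: %d\n", model_suspend_common(&c, false, false));
    return 0;
}
```

Only the middle case reports the double acquire: with no gadget driver bound, the old early return skipped the second lock, and with the caller's lock removed the inner function is the only one taking it.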
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.