Naohiro Aota

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue arises from the mechanism introduced to prevent a write hole of an extent buffer in the Btrfs file system. When `btrfs clear buffer dirty()` marks an extent buffer as `EXTENT BUFFER ZONED ZEROOUT` and skips the entry function, it can lead to two problems if this call happens while the buffer is under IO (with the `WRITEBACK` flag set, without the `DIRTY` flag). Firstly, it can result in adding a faulty delayed reference item, leading to a file system corrupted (EUCLEAN) error. Secondly, it can write out a cleared tree node on disk. However, the chance of hitting the corruption is relatively small because the corrupted node will be invalidated in the next transaction commit anyway. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The issue is related to a NULL pointer dereference in the Linux kernel's scsi: target: pscsi component. This occurs when a bio allocated by `bio kmalloc()` is not properly freed by `bio uninit()` and `kfree()` in the error case, resulting in a WARN and NULL pointer dereference in `bio free()`. The vulnerability may allow an attacker to cause a denial of service. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 5.13.4 **Description** The issue is related to the btrfs implementation in the Linux kernel, which can lead to a denial of service due to uncontrolled memory allocation. This can occur when there is a shortage of free space in the system space info, and processes trigger the allocation of new system chunks. As a result, an attacker can cause a deadlock. **Recommendations** For Linux kernel versions prior to 5.13.4, update to version 5.13.4 or later to resolve the issue. As a temporary workaround, consider restricting system chunk allocation during times of low free space in the system space info to minimize the risk of exploitation.