Nick Bowler

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue arises from systems where cpu possible mask has gaps between set CPUs, such as SPARC. In this scenario, the addr to vb xa() hash function can return an index that accesses not-possible and not setup CPU areas using the per cpu() macro, resulting in an oops on SPARC. A per-cpu vmap block queue is also used as a hash table, incorrectly assuming cpu possible mask has no gaps. The fix involves adjusting the index to the next possible CPU. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.1 **Description** The issue allows local users to cause a denial of service, potentially resulting in a NULL pointer dereference and OOPS, or possibly have other unspecified impacts. This can be triggered by a failed or missing `ghash setkey` function call, followed by either a `ghash update` function call or a `ghash final` function call, as demonstrated by a write operation on an AF ALG socket. **Recommendations** For Linux kernel versions prior to 3.1, update to version 3.1 or later to resolve the issue.