Nick Child

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: A use-after-free issue exists in the Linux kernel, specifically in the ibmvnic module. After sending a buffer to VIOS, it is invalid to access the skb memory because the VIOS can trigger an interrupt to free this memory at any point. A race between reading skb->len and freeing the skb is possible, resulting in a use-after-free error. This issue can occur especially during LPM. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the ibmvnic driver in the Linux kernel, where a memory leak could occur due to the lack of a check to ensure that the skb address is null. This could cause tcp congestion control to stop sending packets, eventually leading to ETIMEDOUT. The driver has been updated to add a conditional check to prevent this issue. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.