Paul Mackerras

**Name of the Vulnerable Software and Affected Versions** ppp (affected versions not specified) **Description** The issue is related to the function `dumpppp` of the file `pppdump/pppdump.c` of the component `pppdump`. It involves improper validation of array index due to the manipulation of the argument `spkt.buf`/`rpkt.buf`. This could potentially allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. The real existence of this vulnerability is still doubted at the moment. **Recommendations** To fix this issue, it is recommended to apply a patch. The name of the patch is `a75fb7b198eed50d769c80c36629f38346882cbf`. As a temporary workaround, consider restricting the use of the `dumpppp` function until a patch is available. Additionally, note that `pppdump` is not used in the normal process of setting up a PPP connection, is not installed setuid-root, and is not invoked automatically in any scenario.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.18 **Description** The issue is caused by a conflicting use of HSTATE HOST R1 to store r1 state in kvmppc hv entry plus in kvmppc {save,restore} tm, leading to a stack corruption. An attacker with the ability to run code in kernel space of a guest VM can cause the host kernel to panic. The vulnerability was introduced by two commits that landed in versions 4.8 and 4.17. **Recommendations** For Linux kernel versions prior to 4.18, update to version 4.18 or later to resolve the issue. As a temporary workaround, consider disabling the `kvmppc save tm()` and `kvmppc restore tm()` functions until a patch is available. Restrict access to the vulnerable `kvmppc hv entry` and `kvmppc {save,restore} tm` functions to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.13.11 **Description** The issue allows local users to cause a denial of service, resulting in a system crash due to a NULL pointer dereference. This can be achieved by making a KVM CHECK EXTENSION KVM CAP PPC HTM ioctl call to the `/dev/kvm` API endpoint. **Recommendations** For Linux kernel versions prior to 4.13.11, update to version 4.13.11 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.8 **Description** The issue allows guest OS users to cause a denial of service, resulting in a host OS infinite loop. This occurs when a H CEDE hypercall is made during the existence of a suspended transaction, affecting PowerPC platforms with CONFIG KVM BOOK3S 64 HV enabled. **Recommendations** For Linux kernel versions prior to 4.8, update to version 4.8 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** openSUSE (affected versions not specified) **Description** The issue concerns multiple vulnerabilities in various packages of the openSUSE operating system, which can lead to a breach of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.