Pavel Skripkin

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver. This issue arises when a user forces the `ath9k htc wait for target` function to fail with some input messages, allowing a local user to crash or potentially escalate their privileges on the system. The flaw is related to an error in the way the driver handles certain input messages, which can lead to unauthorized access to kernel memory, resulting in a system crash or leakage of internal kernel information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a use-after-free bug in the dpaa2-eth component of the Linux kernel. Access to netdev after free netdev() will cause this bug. The problem is resolved by moving the debug log before the free netdev() call. This bug may allow an attacker to elevate privileges in the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a Use After Free (UAF) bug in the `fza probe` function. The `fp` variable, which is `netdev` private data, cannot be used after the `free netdev()` call. Using `fp` after `free netdev()` can cause a UAF bug. The fix involves moving the `free netdev()` call after the error message. The vulnerability is associated with the TURBOchannel adapter. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a use-after-free (UAF) bug in the `emac remove` function. The `adpt` variable, which is netdev private data, cannot be used after the `free netdev()` call. Using `adpt` after `free netdev()` can cause a UAF bug. The fix involves moving the `free netdev()` call to the end of the function. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A use-after-free (UAF) bug has been resolved in the Linux kernel. The issue occurs because `priv`, which is netdev private data, cannot be used after the `free netdev()` call. Using `priv` after `free netdev()` can cause a UAF bug. The fix involves moving the `free netdev()` call to the end of the function. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A potential use-after-free vulnerability has been resolved in the Linux kernel. The issue occurs in the `ec bhf remove` function, where the `priv` pointer is used after `free netdev` has been called. This can cause a use-after-free error when accessing the `priv` pointer. The fix involves moving the `free netdev` call after the `pci iounmap` calls. **Recommendations** To resolve the issue, move the `free netdev` call after the `pci iounmap` calls in the `ec bhf remove` function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A memory leak vulnerability has been resolved in the Linux kernel. The issue was caused by a missing `free netdev()` call in the `mkiss close()` function, which led to a memory leak when the `mkiss open()` function allocated and registered a netdevice, but the `mkiss close()` function only unregistered it without freeing the memory. The vulnerability was identified by a syzbot instance, which detected the memory leak and provided a fail log with details of the unreferenced objects and backtraces. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A memory leak issue has been resolved in the Linux kernel. The problem occurs when the `caif enroll dev()` function fails, causing the allocated `link support` to not be assigned to the corresponding structure. To fix this, the allocated pointer is freed in case of an error. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.