Pratyush Brahma

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.6.74 **Description** A null pointer dereference occurs due to a race between the smmu driver probe and client driver probe. This happens when `of dma configure()` for the client is called after `iommu device register()` for the smmu driver probe has executed but before `driver bound()` for the smmu driver has been called. The race occurs between the smmu device probe and client device probe, leading to a null pointer being assigned to `smmu` and later dereferenced in `arm smmu probe device()`, causing the device to crash. **Recommendations** To resolve the issue, update to Linux kernel version 6.6.74 or later. As a temporary workaround, consider deferring the probe of the client device until the smmu device has bound to the arm smmu driver. Restrict access to the vulnerable `arm smmu probe device()` function until the issue is resolved. Avoid using the `of dma configure()` function in the affected API endpoint until the issue is resolved.