Quanyang Wang

**Name of the Vulnerable Software and Affected Versions** Linux kernel version 6.8.0-rc1-yocto-standard #323 **Description** The vulnerability is related to the crypto: xilinx module in the Linux kernel. When calling `crypto finalize request`, BH should be disabled to avoid triggering a calltrace. The issue is caused by the lack of BH disabling, which can lead to a warning and a calltrace. The calltrace includes functions such as `crypto finalize request`, `crypto finalize aead request`, `zynqmp handle aes req`, `crypto pump work`, `kthread worker fn`, and `kthread`. **Recommendations** To resolve the issue, ensure that BH is disabled when calling `crypto finalize request`. This can be achieved by modifying the code to disable BH before calling the function. For Linux kernel version 6.8.0-rc1-yocto-standard #323, update the kernel to a version that includes the fix for this issue. If no specific fix is provided for the kernel version, consider updating to a newer kernel version that includes the necessary patches.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The vulnerability is related to the spi-zynqmp-gqspi controller in the Linux kernel, which supports 44-bit address space on AXI in DMA mode. If the `dma map single` function fails, it should return immediately instead of continuing with the DMA operation based on an invalid address. This issue fixes a crash that occurs when reading a big block from flash, which is caused by a swiotlb buffer being full and an invalid memory mapping. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A use-after-free issue has been resolved in the Linux kernel, specifically in the spi-zynqmp-gqspi component. The issue occurs when handling `op->addr`, which uses the buffer "tmpbuf" after it has been freed, triggering a use-after-free KASAN warning. To fix this issue, temporary variables are used to store `op->addr.val` and `op->cmd.opcode`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.