Rolf Eike Beer

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 5.15.4-gentoo-parisc64 #4 **Description** The vulnerability is caused by overrunning the sglist and incorrectly testing `sg dma len(sglist)` before `nents`. Normally, this doesn't cause a crash, but in this case, `sglist` crossed a page boundary. The bug occurs in the following code: `while (sg dma len(sglist) && nents--)`. The fix is simply to test `nents` first and move the decrement of `nents` into the loop. **Recommendations** To resolve the issue, update the Linux kernel to a version that includes the fix for the parisc: Fix data TLB miss in `sba unmap sg` vulnerability. Specifically, update to a version later than 5.15.4-gentoo-parisc64 #4. Note: The provided information does not specify the exact version that includes the fix, so it is recommended to update to the latest available version of the Linux kernel.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A sysfs leak in the `alloc iommu()` function has been resolved. The `iommu device sysfs add()` function is called before, and it has to be cleaned on subsequent errors. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.