
Shisong Qin

Researcher from Tsinghua University
#21731 of 53,638
11 Total CVSS
Vulnerabilities · 2
Medium
2
PT-2020-7008
5.5
2020-11-24
Linux · Linux Kernel · CVE-2020-27830
**Name of the Vulnerable Software and Affected Versions** Linux Kernel (affected versions not specified)

**Description** A vulnerability was found in the Linux Kernel related to the `spk_ttyio_receive_buf2()` function. The issue is associated with pointer dereference errors, specifically dereferencing `spk_ttyio_synth` without checking if it is NULL, which may lead to a NULL-ptr deref crash. Exploitation of this vulnerability could allow an attacker to cause a denial of service.

**Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2020-7007
5.5
2020-11-10
Linux · Linux Kernel · CVE-2020-28941
**Name of the Vulnerable Software and Affected Versions** Linux kernel versions through 5.9.9

**Description** An issue in the Linux kernel's speakup driver allows local attackers to cause a denial of service attack. This occurs due to an invalid free when the line discipline is used more than once. The issue is related to the `spk_ttyio.c` component.

**Recommendations** For Linux kernel versions through 5.9.9, consider disabling the speakup driver to prevent exploitation until a patch is available. Restrict access to the `spk_ttyio.c` component to minimize the risk of a local denial of service attack.