Sicong Huang

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a use-after-free bug in the `gb interface release` function due to a race condition. This occurs when `gb interface create` binds `&intf->mode switch completion` with `gb interface mode switch work`, which is then started by `gb interface request mode switch`. If `gb interface release` is called to make cleanup, there may be an unfinished work, and if `gb interface mode switch work` is scheduled to run after `kfree`, it may cause a use-after-free error. The exploitation of this issue may allow an attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.6.48 **Description** A null pointer dereference issue has been identified in the Linux kernel, specifically in the `cx23885 vdev init()` function. This function can return a NULL pointer, which is then used without a check, potentially leading to a system crash. Local attackers may exploit this issue to crash the system. **Recommendations** For Linux kernel versions prior to 6.6.48, upgrade the kernel to a version that includes the fix for this issue, such as version 6.6.48 or later. As a temporary workaround, consider adding a NULL pointer check in the `cx23885 vdev init()` function to prevent the null pointer dereference.