Stefan Agner

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a use-after-free error in the iwlwifi module of the Linux kernel. When no firmware is present or all firmware files fail to parse, the device release driver() function is called, leading to the removal of the 'drv' struct. However, the new code still attempts to access the freed struct, causing an error. Setting 'failure=false' can avoid this access. The vulnerability may impact the confidentiality, integrity, and availability of protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a shutdown crash in the Linux kernel when the main component is not probed, for example, when the dw-hdmi module is not loaded yet or in probe defer. This results in a kernel NULL pointer dereference at a virtual address. The call trace includes functions such as `meson drv shutdown()`, `platform drv shutdown()`, `device shutdown()`, `kernel restart prepare()`, `kernel restart()`, and ` arm64 sys reboot()`. To resolve this, it is recommended to check if the `priv` struct has been allocated before using it. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.