Tal Lossos

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions v6.0-rc1 through v6.0-rc3 **Description** A NULL pointer dereference vulnerability in the Linux kernel NVMe functionality, in the `nvmet setup auth()` function, allows an attacker to perform a Pre-Auth Denial of Service (DoS) attack on a remote machine. **Recommendations** For Linux kernel versions v6.0-rc1 through v6.0-rc3, update to version v6.0-rc4 or later to resolve the issue. As a temporary workaround, consider disabling the `nvmet setup auth()` function until a patch is available. Restrict access to the NVMe functionality to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** NVIDIA GPU Display Driver for Linux (affected versions not specified) **Description** The issue is related to a null-pointer dereference in the kernel mode layer of the NVIDIA GPU Display Driver for Linux. A local user with basic capabilities can exploit this to cause a denial of service. The vulnerability is associated with pointer dereference errors, which can be exploited by an attacker to disrupt service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.