Thinh Nguyen

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the Linux kernel's USB gadget functionality, specifically the dwc3 driver. It involves a null pointer dereference that can occur when handling partially completed requests. The `dwc3 request->num queued sgs` variable is decremented upon completion, but if a request is only partially completed, this variable no longer accurately reflects the total number of queued SG entries. This can lead to a null pointer dereference when attempting to access a non-existent SG entry. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A vulnerability in the Linux kernel has been resolved. The issue is related to the USB gadget functionality, specifically in the f tcm module. The problem occurs when a command is freed prematurely, before the status completion of the sense status, which can lead to a double-free error. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.