Tvrtko Ursulin

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The issue concerns an out of bounds access in the performance query extensions of the Linux kernel's drm/v3d component. It involves checking that the number of perfmons userspace is passing in the copy and reset extensions does not exceed the internal kernel storage capacity where the ids will be copied into. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the incorrect blocking of resources in the `v3d job start stats()` function of the Linux kernel. This can potentially allow an attacker to impact the confidentiality, integrity, and availability of protected information. The vulnerability is caused by the failure to disable preemption around the `write seqcount begin/end()` pair while updating GPU stats. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.10.3-v8-16k-numa #151 **Description** The issue is related to an out-of-bounds read in the `v3d csd job run()` function. This happens because the UAPI provides only seven configuration registers, but the code is reading the eighth position of the ` u32 [7]` array. The eighth register exists on V3D 7.1 but is not currently used. To fix this, the code should access only seven positions on the ` u32 [7]` array. **Recommendations** To resolve the issue, update the Linux kernel to a version that includes the fix for the out-of-bounds read in `v3d csd job run()`. As a temporary workaround, consider restricting access to the `v3d csd job run()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to preventing out of bounds access in performance query extensions in the Linux kernel's drm/v3d component. It involves checking that the number of perfmons userspace is passing in the copy and reset extensions is not greater than the internal kernel storage where the ids will be copied into. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A potential memory leak in the timestamp extension of the Linux kernel's drm/v3d component has been resolved. The issue occurs when fetching of userspace memory fails during the main loop, causing all drm sync objs looked up until that point to be leaked due to the missing drm syncobj put. The fix involves exporting and using a common cleanup helper. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a NULL pointer dereference in the i915 perf interface of the Linux kernel. When the i915 perf interface is not available, dereferencing it will lead to NULL dereferences. The problem can cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality, allowing a local user to crash the system or escalate their privileges on the system. This flaw can also be exploited to access confidential data, compromise data integrity, and cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.