Wayne Lin

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A vulnerability in the Linux kernel has been resolved. The issue was related to a commit that used the HW lock manager for PSR1, which could cause a system hang when connecting with two eDP panels. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue concerns memory corruption caused by array indices being out of bounds. To address this, checks have been added to ensure array indices stay within bounds, specifically in the drm/amd/display component of the Linux kernel. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue occurs when a monitor connected after an MST hub is unplugged, resulting in a null pointer dereference. This happens because `dc sink` is released immediately in `early unregister()` or `detect ctx()`, and committing a new state that refers to information stored in `dc sink` causes a null pointer dereference. The problem is resolved by removing a redundant checking condition and resetting `dsc aux` to NULL when the connector is disconnected. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a NULL dereference of the timing generator in the drm/amd/display component of the Linux kernel. This can be exploited to cause a denial of service. The vulnerability occurs when the assigned timing generator is NULL, and its functions are accessed without proper checks. To prevent this, the kernel now checks whether the assigned timing generator is NULL before accessing its functions. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.