Xiao Ni

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A double free vulnerability in the Linux kernel has been resolved. The issue was related to the io acct set bioset, which was being freed twice. This was due to the codes that free io acct set in md free and md stop, in addition to its allocation and freeing in personality. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the async xor function in the Linux kernel, which can cause data corruption problems due to incorrect calculation of xor values when sharing one page if PAGE SIZE is not equal to stripe size. In RMW mode, the parity page is used as a source page, and the ASYNC TX XOR DROP DST flag is set before calculating the xor value in ops run prexor5. However, it only needs src list, resulting in incorrect xor values. This problem can be reproduced on a POWER8 machine using specific steps, including creating a RAID device, formatting it with XFS, and mounting it. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.