Linux · Linux Kernel · CVE-2024-53068
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 6.6.38-debug
**Description**
The issue is related to a slab-use-after-free vulnerability in the scmi_bus_notifier() function. This occurs because scmi_dev->name is released prematurely in scmi_device_destroy(), causing a slab-use-after-free when accessing scmi_dev->name in scmi_bus_notifier(). The vulnerability can be exploited to impact the confidentiality, integrity, and availability of protected information.
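The ordering problem described above, as a user-space C model added here (not kernel code and not taken from the upstream patch). `model_dev`, `model_put`, `model_notifier` and `stale_reads_on_destroy` are hypothetical names, and a flag stands in for the freed slab object so the stale read is counted rather than performed. It contrasts freeing the name in the destroy path with leaving the free to the release path that runs when the last reference is dropped.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical user-space model of the lifetime ordering; not kernel code. */
struct model_dev {
    char *name;       /* stands in for scmi_dev->name */
    int refs;         /* references held on the device */
    int name_freed;   /* set once the name buffer is released */
    int stale_reads;  /* notifier reads that came after the free */
};

static void free_name(struct model_dev *d)
{
    free(d->name);
    d->name = NULL;
    d->name_freed = 1;
}

/* Dropping the last reference runs the release path, which frees the name. */
static void model_put(struct model_dev *d)
{
    if (--d->refs == 0 && !d->name_freed)
        free_name(d);
}

/* Notifier: reads the name while the device is being unregistered. */
static void model_notifier(struct model_dev *d)
{
    if (d->name_freed)
        d->stale_reads++;        /* in the kernel: read of freed slab memory */
    else
        (void)strlen(d->name);   /* name still valid */
}

/* Returns the number of notifier reads that hit a freed name, -1 on OOM. */
int stale_reads_on_destroy(int free_name_in_destroy)
{
    struct model_dev d = { .refs = 1 };
    d.name = malloc(sizeof "constructed-dev");   /* constructed sample name */
    if (!d.name)
        return -1;
    strcpy(d.name, "constructed-dev");
    if (free_name_in_destroy)
        free_name(&d);           /* premature: notifier has not run yet */
    model_notifier(&d);          /* unregistration notifies bus listeners */
    model_put(&d);               /* last reference dropped, release runs */
    return d.stale_reads;
}

int main(void) { return stale_reads_on_destroy(0); }
```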
**Recommendations**
To resolve the issue, update the Linux kernel to a version that includes the fix for the slab-use-after-free vulnerability in scmi_bus_notifier(). As a temporary workaround, consider disabling the scmi_bus_notifier() function until a patch is available. Restrict access to the scmi_dev->name variable to minimize the risk of exploitation. Avoid using the scmi_device_release() function until the issue is resolved.