Yang Yingliang

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A null pointer dereference issue exists in the Linux kernel. The problem arises when the `platform get resource()` function returns NULL, and its return value is not checked. This can lead to a null-ptr-deref error. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A null pointer dereference issue exists in the Linux kernel. The problem arises when the `platform get resource byname()` function returns NULL, and its return value is not properly checked. This can lead to a null-ptr-deref. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A null pointer dereference issue was found in the Linux kernel, specifically in the `cadence nand dt probe()` function. This issue occurs when `platform get resource()` returns NULL, causing a null pointer dereference when using the `res` variable. To avoid this, the code was modified to move the usage of `res` after `devm ioremap resource()`, which checks for NULL. The code was also simplified using `devm platform get and ioremap resource()`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A null pointer dereference issue was found in the Linux kernel, specifically in the drm/rockchip vop module. The problem occurs when `platform get resource()` returns NULL, and then `resource size()` is called, potentially leading to a null pointer dereference. To avoid this, the call to `resource size()` is moved after `devm ioremap resource()`, which checks the 'res' variable to prevent the null pointer dereference. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A null pointer dereference issue was found in the Linux kernel, specifically in the `ebu nand probe()` function. This issue occurs when `platform get resource()` returns NULL, causing a null pointer dereference when using the `res` variable. To avoid this, the use of `res` is moved after `devm ioremap resource()`, which checks for NULL to prevent the null pointer dereference. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A memory leak issue has been identified in the Linux kernel, specifically in the ` thermal cooling device register()` function. The leak occurs when `device register()` fails, and `thermal cooling device destroy sysfs()` is not called to free the allocated memory. This issue was discovered during a fault injection test, which revealed an unreferenced object. The backtrace indicates that the memory allocation occurs in `kmalloc order trace()` and ` kmalloc()`, and the leak is caused by the failure to call `thermal cooling device destroy sysfs()` to free the memory. **Recommendations** To resolve this issue, ensure that `thermal cooling device destroy sysfs()` is called when `device register()` fails to free the allocated memory. As a temporary workaround, consider reviewing the code to ensure proper memory management in the ` thermal cooling device register()` function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A null pointer dereference issue was found in the Linux kernel, specifically in the sh pfc map resources() function. This issue occurs when the platform get resource() function returns NULL, causing a null pointer dereference when using the `res` variable. To fix this, the code was modified to move the usage of `res` after the devm ioremap resource() function, which checks for NULL to avoid the null pointer dereference. The devm platform get and ioremap resource() function was also used to simplify the code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A null pointer dereference issue was found in the Linux kernel, specifically in the sh pfc map resources() function. This issue occurs when the platform get resource() function returns NULL, causing a null pointer dereference when using the 'res' variable. To avoid this, the code was modified to move the usage of 'res' after the devm ioremap resource() function, which checks for NULL. The devm platform get and ioremap resource() function was also used to simplify the code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a null pointer dereference in the `radeon crtc init()` function in the Linux kernel's drm/radeon module. This can be caused by not checking the return value of `alloc workqueue`. The vulnerability may allow an attacker to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to incorrect error handling in the `mmc spi probe()` function. If `mmc add host()` fails, it should not call `mmc remove host()`, as this can cause a null pointer dereference due to the deletion of a device that was not added. The fix involves changing the label to 'fail glue init' if `mmc add host()` fails and modifying the label 'fail add host' to 'fail gpiod request'. This vulnerability may allow an attacker to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The vulnerability is related to a resource leak in the Linux kernel's SDIO component. When `sdio add func()` or `sdio init func()` fails, `sdio remove func()` cannot release the resources because the SDIO function is not presented in these cases, resulting in a potential leak. The issue is fixed by making `sdio func present()` control whether `device del()` needs to be called or not and always calling `of node put()` and `put device()`. In error cases in `sdio init func()`, moving `get device()` to `sdio alloc func()` and `put device()` to `sdio release func()` keeps the get/put function balanced. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A null pointer dereference issue exists in the Linux kernel. The problem arises when the `platform get resource byname()` function returns NULL, and its return value is not checked. This can lead to a null pointer dereference. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A refcount leak issue in the Linux kernel has been identified and resolved. The problem occurs in the `nv1a ram new()` function, where a PCI device reference count is not properly decremented after use. According to the comment for `pci get domain bus and slot()`, this function returns a PCI device with an incremented reference count, and the caller is responsible for decrementing the count by calling `pci dev put()` when finished using the device. This issue can be avoided by calling `pci dev put()` after using the PCI device. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to an unbalanced node reference count in the Linux kernel's net component, specifically in the mdiobus subsystem. This can lead to a memory leak. The problem occurs when the `fwnode` is not an ACPI node, and the reference count is incremented in `fwnode mdiobus phy device register()`, but never decremented when the device is freed. To fix this, `fwnode handle put()` is called in `phy device release()`. If the `fwnode` is an ACPI node, the reference count is not incremented, but it is decremented in the error path, so `fwnode handle get()` is called before `phy device register()` to balance the get/put operation. The estimated number of potentially affected devices is not provided. **Recommendations** To resolve the issue, update the Linux kernel to a version that includes the fix for the unbalanced node reference count in the mdiobus subsystem. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.1.0-rc3+ **Description** A null pointer dereference issue has been identified in the Linux kernel. The issue occurs when the `probe()` function fails in `phy attach direct()`, causing a null pointer dereference in ` device release driver()` while deleting a device. This is due to the `knode driver->n klist` not being set when `device bind driver()` is not called after a failed `probe()`. The estimated number of potentially affected devices is not specified. There is no information about real-world incidents where this issue was exploited. **Recommendations** For Linux kernel versions prior to 6.1.0-rc3+, consider updating to a newer version that includes the fix for this issue. As a temporary workaround, setting `dev->driver` to NULL in the error path in `phy attach direct()` can prevent the null pointer dereference. However, this is a code-level fix and may require recompiling the kernel. At the moment, there is no information about a newer version that contains a fix for this vulnerability, but updating to the latest available version is recommended.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to incorrect locking in the xen-netback driver of the Linux kernel, which can be exploited to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the `kfree skb()` function in the xen-netback driver of the Linux kernel, which is associated with incorrect locking. Exploitation of this issue may allow an attacker to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A null pointer dereference issue was found in the Linux kernel, specifically in the davinci voicecodec module. The problem occurs when the `platform get resource()` function returns NULL, causing a null pointer dereference when using the `res` variable. To fix this, the code was modified to move the usage of `res` after the `devm ioremap resource()` function, which checks for NULL pointers. Additionally, the `devm platform get and ioremap resource()` function was used to simplify the code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A null pointer dereference issue was found in the Linux kernel, specifically in the arm smmu device probe() function. This issue occurs when the platform get resource() function returns NULL, causing a null pointer dereference when using the 'res' variable. To avoid this, the code has been modified to move the usage of 'res' after the devm ioremap resource() function, which checks for NULL. Additionally, the devm platform get and ioremap resource() function is used to simplify the code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A vulnerability in the Linux kernel has been identified, specifically in the iommu/arm-smmu-v3 component. The issue arises when the `platform get resource()` function returns NULL, potentially leading to a null pointer dereference. It is crucial to check the return value of this function to prevent such errors. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.