Yuan Ming

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 5.17.6 **Description** The issue is related to a concurrency use-after-free flaw in the raw cmd ioctl function after deallocating raw cmd, which can lead to a denial of service. This flaw is located in the drivers/block/floppy.c component of the Linux kernel. **Recommendations** For versions prior to 5.17.6, update to version 5.17.6 or later to resolve the issue. As a temporary workaround, consider disabling the raw cmd ioctl function until a patch is available. Restrict access to the drivers/block/floppy.c component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a race problem in the `vt k ioctl` function in the Linux kernel, specifically in the `drivers/tty/vt/vt ioctl.c` file. This problem may cause an out of bounds read in `vt` due to the lack of protection by a lock for write access to `vc mode` in `vt ioctl` (KDSETMDE). The primary threat posed by this issue is to data confidentiality. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux Kernel versions prior to 5.9.2 **Description** The issue is related to a use-after-free flaw in the Linux Kernel's tty subsystem, which can be exploited to gain access to sensitive information or cause a denial of service. The problem arises from improper synchronization of access to the global variable `fg console`, leading to a use-after-free condition in `con font op`. **Recommendations** For Linux Kernel versions prior to 5.9.2, update to a version that includes the fix for this issue to prevent exploitation. As a temporary workaround, consider restricting access to the `con font op` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a use-after-free flaw in the Linux kernel's console subsystem, specifically in the way it uses ioctls `KDGKBSENT` and `KDSKBSENT`. This could allow a local user to gain read access to memory out of bounds, posing a threat to data confidentiality. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.