Yuehaibing

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.4.6 **Description** The issue is related to a use-after-free vulnerability in the Linux kernel's CAN BCM, specifically in the `bcm proc show()` function. This vulnerability can be exploited to impact the confidentiality, integrity, and availability of protected information. The `bcm op` is freed before the procfs entry is removed in `bcm release()`, leading to `bcm proc show()` potentially reading the freed `bcm op`. **Recommendations** To resolve the issue, upgrade the Linux kernel to a version later than 6.4.6. As a temporary workaround, consider restricting access to the vulnerable `bcm proc show()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a potential use-after-free in the `ravb rx gbeth()` function. This occurs because the `skb` is delivered to `napi gro receive()`, which may free it. After this call, dereferencing `skb` can trigger a use-after-free condition. This vulnerability may allow an attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a potential use-after-free in the Linux kernel's hsr module. This occurs when the skb is delivered to `netif rx()`, which may free it, and subsequent dereferencing of skb can trigger a use-after-free. This could allow an attacker to cause a denial of service or potentially elevate their privileges, impacting the confidentiality, integrity, and availability of protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 5.1.6 **Description** The issue is related to the mwifiex tm cmd in the Linux kernel, which has some error-handling cases that did not free allocated hostcmd memory. This will cause a memory leak and denial of service. An attacker can exploit this to cause a denial of service. **Recommendations** For Linux kernel versions prior to 5.1.6, update to version 5.1.6 or later to resolve the issue. As a temporary workaround, consider disabling the mwifiex tm cmd function until a patch is available. Restrict access to the vulnerable cfg80211.c module to minimize the risk of exploitation.