Zichen Xie

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A possible NULL dereference vulnerability has been identified in the Linux kernel, specifically in the ALSA core. The issue is caused by the function `kunit kzalloc()`, which may return a NULL pointer. Without a NULL check, dereferencing this pointer can lead to a NULL dereference. To address this issue, NULL checks have been added for all `kunit kzalloc()` calls in `sound kunit.c`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A potential null dereference vulnerability has been resolved in the Linux kernel's kunit module. The issue occurs in the `kunit device driver test()` function, where `kunit kzalloc()` may return a NULL pointer. If this pointer is dereferenced without a NULL check, it can lead to a null dereference. To fix this, a NULL check has been added for `test state`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.61 Description: A NULL Pointer Dereference issue has been identified in the Linux kernel, specifically in the `asoc qcom lpass cpu platform probe()` function. This issue arises when a `devm kzalloc()` call returns a NULL pointer without additional checks, potentially triggering a NULL Pointer Dereference. The fix involves adding a NULL check for the returned pointer. Recommendations: For versions prior to 6.6.61, update to version 6.6.61 or later to resolve the issue. As a temporary workaround, consider adding a NULL check for the returned pointer in the `asoc qcom lpass cpu platform probe()` function until a patch is available.