Adam Sampson

**Name of the Vulnerable Software and Affected Versions** das watchdog version 0.9.0 **Description** The issue allows local users to execute arbitrary code with root privileges through a buffer overflow in the `das watchdog` software. This is achieved by providing a large string in the `XAUTHORITY` environment variable. **Recommendations** For das watchdog version 0.9.0, consider restricting access to the `XAUTHORITY` environment variable to prevent exploitation until a patch is available. As a temporary workaround, avoid using large strings in the `XAUTHORITY` variable. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** X.Org xf86-video-intel version 2.99.911 **Description** A directory traversal issue exists, allowing remote attackers to create or overwrite arbitrary files by including a .. (dot dot) in the interface name. **Recommendations** For version 2.99.911, update to a newer version that contains a fix for this issue.