Colin Watson

**Nome do software vulnerável e versões afetadas** Versões do Grub2 anteriores à 2.04 **Descrição** O problema está relacionado à implementação das funções `grub cmd initrd` e `grub initrd init` no Grub2, que podem ser exploradas passando um grande número de argumentos para o comando `initrd` em arquiteturas de 32 bits, ou utilizando um sistema de arquivos manipulado com arquivos muito grandes em qualquer arquitetura. Isso pode levar a um estouro de buffer baseado em heap, permitindo que um invasor execute código arbitrário, contorne as restrições do UEFI Secure Boot e comprometa a confidencialidade e a integridade dos dados. **Recomendações** Para versões do Grub2 anteriores à 2.04, atualize para uma versão que inclua a correção para este problema a fim de evitar a exploração. Como solução temporária, considere restringir o uso do comando `initrd` em arquiteturas de 32 bits para minimizar o risco de exploração. Além disso, evite usar sistemas de arquivos criados com arquivos muito grandes até que o problema seja resolvido.

**Name of the Vulnerable Software and Affected Versions** click versions (affected versions not specified) **Description** The issue allows remote attackers to install an alternate security policy and gain privileges via a crafted package. This can be demonstrated by the test.mmrow app for Ubuntu phone. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** glibc versions prior to 2.15-r3 GNU C Library (glibc) versions 2.5-49.el5 5.6 GNU C Library (glibc) versions 2.12-1.7.el6 0.3 **Description** The issue concerns multiple vulnerabilities in the glibc package, which can lead to breaches of confidentiality, integrity, and availability of protected information. Exploitation can occur locally. Specifically, untrusted search path vulnerabilities in certain modified versions of glibc allow local users to gain privileges via a crafted dynamic shared object in a subdirectory of the current working directory during execution of a setuid or setgid program. **Recommendations** For glibc versions prior to 2.15-r3, update to version 2.15-r3 or later to resolve the issue. For GNU C Library (glibc) versions 2.5-49.el5 5.6 and 2.12-1.7.el6 0.3, consider disabling the setuid and setgid programs that have $ORIGIN in RPATH or RUNPATH until a patch is available. As a temporary workaround, restrict access to subdirectories of the current working directory to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** open-iscsi versions in SUSE openSUSE 10.3 through 11.1 open-iscsi versions in SUSE Linux Enterprise (SLE) 10 SP2 and 11 **Description** The issue allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name. **Recommendations** For open-iscsi in SUSE openSUSE 10.3 through 11.1, consider restricting access to the iscsi discovery function until a patch is available. For open-iscsi in SUSE Linux Enterprise (SLE) 10 SP2 and 11, consider restricting access to the iscsi discovery function until a patch is available.