Jhead · Jhead · CVE-2018-16554
**Name of the Vulnerable Software and Affected Versions**
jhead version 3.00
**Description**
The issue is in the ProcessGpsInfo function in gpsinfo.c, which may allow a remote attacker to cause a denial of service or unspecified other impact via a malicious JPEG file. The cause is an inconsistency between float and double in a sprintf format string during TAG_GPS_ALT handling.
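The bug class described above, as an added example that is not jhead's code: an unbounded `sprintf` of a double into a fixed field, replaced by a bounded formatter that checks the required length. The 20-byte field size, the `"%.2fm"` format and the names `alt_needed` and `format_alt` are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Assumed size of the fixed altitude field; illustrative, not from the page. */
#define ALT_FIELD 20

/* Bytes "%.2fm" needs for this value, excluding the terminating NUL. */
int alt_needed(double alt)
{
    return snprintf(NULL, 0, "%.2fm", alt);
}

/* Bounded replacement for sprintf(dst, "%.2fm", alt).
 * Returns 0 on success; on truncation or error writes "?" and returns -1. */
int format_alt(char *dst, size_t dstlen, double alt)
{
    int n;

    if (dst == NULL || dstlen == 0)
        return -1;
    n = snprintf(dst, dstlen, "%.2fm", alt);
    if (n < 0 || (size_t)n >= dstlen) {
        snprintf(dst, dstlen, "?");
        return -1;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample values: a plausible altitude and a double far
     * outside the range a float-sized estimate would budget for. */
    double samples[] = { 123.45, 1e30 };
    char field[ALT_FIELD];
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int rc = format_alt(field, sizeof field, samples[i]);
        printf("needs %d bytes, rc=%d, field=\"%s\"\n",
               alt_needed(samples[i]), rc, field);
    }
    return 0;
}
```

The second sample needs 35 bytes, so an unbounded `sprintf` into the 20-byte field would write past its end, while `format_alt` rejects it.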
**Recommendations**
For jhead version 3.00, as a temporary workaround, consider disabling the ProcessGpsInfo function until a patch is available. Restrict access to handling of TAG_GPS_ALT to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.