Hector Marco

**Name of the Vulnerable Software and Affected Versions** cryptsetup versions 2:1.7.3-2 and earlier **Description** The issue allows physically proximate attackers to gain shell access through multiple login attempts with an invalid password. **Recommendations** For versions 2:1.7.3-2 and earlier, update to a version later than 2:1.7.3-2 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions through 4.5.2 **Description** The issue concerns the arch pick mmap layout function in the Linux kernel, which fails to properly randomize the legacy base address. This makes it easier for local users to bypass the ASLR protection mechanism for a setuid or setgid program by disabling stack-consumption resource limits, thus defeating the intended restrictions on the ADDR NO RANDOMIZE flag. **Recommendations** For Linux kernel versions through 4.5.2, update to a version that includes a fix for this issue to ensure proper randomization of the legacy base address and maintain the effectiveness of the ASLR protection mechanism.

**Name of the Vulnerable Software and Affected Versions** Grub2 versions 1.98 through 2.02 **Description** The issue is caused by multiple integer underflows that allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a denial of service (disk corruption). This can be achieved via backspace characters in the `grub username get` function in grub-core/normal/auth.c or the `grub password get` function in lib/crypto.c, triggering an "Off-by-two" or "Out of bounds overwrite" memory error. **Recommendations** For Grub2 versions 1.98 through 2.02, as a temporary workaround, consider disabling the `grub username get` and `grub password get` functions until a patch is available. Restrict access to the grub-core/normal/auth.c and lib/crypto.c modules to minimize the risk of exploitation. Avoid using backspace characters in the affected functions until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Email application version 4.2.2.0200 **Description** The issue allows remote attackers to cause a denial of service, resulting in a persistent application crash. This can be achieved by sending an e-mail message with a `Content-Disposition: ;` header. **Recommendations** For Google Email application version 4.2.2.0200, consider avoiding the use of e-mail messages with a `Content-Disposition: ;` header until a fix is available. As a temporary workaround, restricting access to potentially malicious e-mails may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** glibc versions 2.4 through 2.17 eglibc versions 2.4 through 2.17 **Description** The issue is related to the PTR MANGLE implementation in glibc and eglibc, which does not properly initialize a random value for pointer protection. This can be exploited by a remote attacker to control execution flow by using a buffer overflow in an application and the known zero value of the pointer guard to calculate a pointer address in memory. **Recommendations** For glibc versions 2.4 through 2.17, update to a version that properly initializes the random value for the pointer guard. For eglibc versions 2.4 through 2.17, update to a version that properly initializes the random value for the pointer guard. As a temporary workaround, consider restricting the use of applications that utilize the PTR MANGLE implementation until a patch is available.