Jüri Aedla

**Name of the Vulnerable Software and Affected Versions** dhcpcd versions prior to 6.2.0 dhcpcd 5.x **Description** The issue allows remote DHCP servers to execute arbitrary code or cause a denial of service due to memory corruption. This is possible because the `get option` function in `dhcp.c` does not validate the relationship between length fields and the amount of data. A large length value of an option in a DHCPACK message can trigger this issue. **Recommendations** For dhcpcd versions prior to 6.2.0, update to version 6.2.0 or later to resolve the issue. For dhcpcd 5.x, consider disabling the `get option` function in `dhcp.c` as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** libpng versions 1.0.x through 1.0.58 libpng versions 1.2.x through 1.2.48 libpng versions 1.4.x through 1.4.10 libpng versions 1.5.x through 1.5.9 **Description** The issue is related to the `png set text 2` function in `pngset.c`, which allows remote attackers to cause a denial of service or execute arbitrary code via a crafted text chunk in a PNG image file. This triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow. The vulnerability can be exploited remotely and may lead to a disruption of confidentiality, integrity, and availability of protected information. **Recommendations** For libpng versions 1.0.x through 1.0.58, update to version 1.0.59 or later. For libpng versions 1.2.x through 1.2.48, update to version 1.2.49 or later. For libpng versions 1.4.x through 1.4.10, update to version 1.4.11 or later. For libpng versions 1.5.x through 1.5.9, update to version 1.5.10 or later. As a temporary workaround, consider disabling the `png set text 2` function until a patch is available. Restrict access to PNG image files to minimize the risk of exploitation. Avoid using crafted text chunks in PNG image files until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.2.2 **Description** The issue concerns the `mem write` function in the Linux kernel. When Address Space Layout Randomization (ASLR) is disabled, this function does not properly check permissions when writing to the `/proc/(pid)/mem` file. This allows local users to gain privileges by modifying process memory. This has been demonstrated by the Mempodipper exploit. **Recommendations** For Linux kernel versions prior to 3.2.2, update to version 3.2.2 or later to resolve the issue. As a temporary workaround, consider enabling ASLR to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** libxml2 versions prior to 2.7.7 Google Chrome versions prior to 16.0.912.75 **Description** The issue is related to a heap-based buffer overflow in libxml2, which can be exploited by remote attackers to cause a denial of service or possibly have other impacts. The vulnerability can be exploited remotely and may lead to a violation of confidentiality, integrity, and availability of protected information. **Recommendations** For libxml2 versions prior to 2.7.7, update to version 2.7.7 or later to resolve the issue. For Google Chrome versions prior to 16.0.912.75, update to version 16.0.912.75 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** libpng versions prior to 1.5.10 Google Chrome versions prior to 17.0.963.56 **Description** The issue is related to an integer overflow in libpng, which can be exploited remotely to cause a denial of service or possibly have other unspecified impacts. This can lead to a violation of confidentiality, integrity, and availability of protected information. The exploitation can be carried out remotely. **Recommendations** For libpng versions prior to 1.5.10, update to version 1.5.10 or later to resolve the issue. For Google Chrome versions prior to 17.0.963.56, update to version 17.0.963.56 or later to resolve the issue.