Oded Horovitz

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.8.6 **Description** The issue concerns multiple vulnerabilities in the Linux operating system, specifically in the Debian GNU/Linux package, which can be exploited by a local attacker to compromise the confidentiality, integrity, and availability of protected information. A heap-based buffer overflow vulnerability exists in the `tg3 read vpd` function in the Linux kernel, allowing physically proximate attackers to cause a denial of service or possibly execute arbitrary code via crafted firmware. **Recommendations** For Linux kernel versions prior to 3.8.6, update to version 3.8.6 or later to resolve the issue. As a temporary workaround, consider restricting physical access to the system to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Windows Kernel (affected versions not specified) **Description** A buffer overflow issue in the Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.