Paolo

**Name of the Vulnerable Software and Affected Versions** Linux Kernel (affected versions not specified) **Description** The Linux kernel contains an issue related to network packet scheduling. Specifically, the `act ct` action was found to potentially cause a Use-After-Free (UAF) condition when interacting with the defragmentation engine if a packet returns `TC ACT CONSUMED` while held by the engine. This can occur when `act ct` is used in the egress path. To address this, the kernel now restricts `act ct` to only bind to `clsact/ingress` qdiscs and shared blocks. This allows `act ct` to still function in egress scenarios, but only with `clsact`. The `skb` variable is involved in this issue. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Nome do software vulnerável e versões afetadas: Versões do Photo Station anteriores à 6.0.11 Descrição: Esta vulnerabilidade permite que invasores remotos injetem código malicioso por meio de uma vulnerabilidade de script entre sites (XSS) no Photo Station. Recomendações: Para versões anteriores à 6.0.11, atualize para a versão 6.0.11 ou posterior para resolver o problema.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.17 **Description** There is a possible out-of-bounds read in the Linux kernel. The `restart syscall` function uses uninitialized data when restarting `compat sys nanosleep`. However, this issue is disputed because the code path is reportedly unreachable. **Recommendations** For Linux kernel versions prior to 3.17, update to version 3.17 or later to resolve the issue. As a temporary workaround, consider restricting access to the `compat sys nanosleep` function until a patch is available.