Adam Crosser

**Name of the Vulnerable Software and Affected Versions** FreeBSD (affected versions not specified) **Description** The `rtsock msg buffer()` function copies sockaddr structures into a sockaddr storage structure on the stack without proper validation of the source sockaddr length. This can lead to a 127-byte stack buffer overflow. The overflow overwrites the stack canary for the `rtsock msg buffer()` function, causing a kernel panic upon function return. An unprivileged user can crash the kernel by triggering this overflow. While the stack canary provides mitigation, other kernel bugs could potentially allow an attacker to bypass this protection, potentially leading to local privilege escalation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Palo Alto Networks GlobalProtect app versions earlier than 5.2.9 **Description** An improper handling of exceptional conditions issue exists within the Connect Before Logon feature of the Palo Alto Networks GlobalProtect app. This enables a local attacker to escalate to SYSTEM or root privileges when authenticating with Connect Before Logon under certain circumstances. The issue impacts the GlobalProtect app on Windows and MacOS. **Recommendations** For GlobalProtect app versions earlier than 5.2.9, update to version 5.2.9 or later to resolve the issue. As a temporary workaround, consider disabling the Connect Before Logon feature until a patch is available. Restrict access to the GlobalProtect app on Windows and MacOS to minimize the risk of exploitation.