Ash1852

**Name of the Vulnerable Software and Affected Versions** open-mpi hwloc version 2.1.0 **Description** An issue was discovered in open-mpi hwloc that allows attackers to cause a denial of service or other unspecified impacts via `glibc-cpuset` in `topology-linux.c`. **Recommendations** For open-mpi hwloc version 2.1.0, consider disabling the `glibc-cpuset` functionality in `topology-linux.c` as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GNS3 dynamips version 0.2.21 **Description** The issue is related to the use of an uninitialized variable in the function `gen eth recv` in GNS3 dynamips. This could potentially lead to unpredictable behavior or errors. **Recommendations** For GNS3 dynamips version 0.2.21, consider disabling the `gen eth recv` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Simple DirectMedia Layer version 1.2 **Description** The issue is related to a use-after-free vulnerability in the XFree function of the /src/video/x11/SDL x11yuv.c component of the Simple DirectMedia Layer library. This vulnerability can be exploited by a remote attacker to cause a denial of service. **Recommendations** For Simple DirectMedia Layer version 1.2, consider disabling the XFree function as a temporary workaround until a patch is available. Restrict access to the /src/video/x11/SDL x11yuv.c component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** xiph opusfile versions 0.9 through 0.12 **Description** A null pointer dereference issue was discovered in functions `op get data` and `op open1` in opusfile.c. This issue may allow attackers to cause a denial of service or other unspecified impacts. The vulnerability is related to the `opusfile` library, a stream decoder for the opus format. **Recommendations** For versions 0.9 through 0.12, consider disabling the `op get data` and `op open1` functions in opusfile.c as a temporary workaround to minimize the risk of exploitation. Restrict access to the vulnerable opusfile.c module to prevent potential attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.