Christian Jaeger

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 29.0.1547.57 **Description** The issue concerns the SharedMemory::Create function in memory/shared memory posix.cc, which uses weak permissions under /dev/shm/. This allows attackers to obtain sensitive information via direct access to a POSIX shared-memory file. **Recommendations** For versions prior to 29.0.1547.57, update to version 29.0.1547.57 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** hsolink version 1.0.118 **Description** The issue allows local users to gain privileges via shell metacharacters in command-line arguments. This can be demonstrated by the second argument in a down action, potentially leading to unauthorized access. **Recommendations** For version 1.0.118, consider restricting the use of hsolinkcontrol to minimize the risk of exploitation until a patch is available. Avoid using shell metacharacters in command-line arguments for the down action to prevent privilege escalation.

**Name of the Vulnerable Software and Affected Versions** hsolink version 1.0.118 **Description** The issue is related to multiple stack-based buffer overflows in the hsolinkcontrol component of hsolink. This can be exploited by local users via long command-line arguments to gain privileges. **Recommendations** For hsolink version 1.0.118, at the moment, there is no information about a newer version that contains a fix for this vulnerability.