Denis Efremov

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A vulnerability in the Linux kernel has been identified, specifically in the staging driver r8188eu. The issue is related to the function `rtw wx set scan()`, where there is a potential for writing beyond the end of the `->Ssid` array. Although there is a check in place to prevent read overflow, an additional check is necessary to prevent write overflow. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 5.2.3 **Description** The issue is related to a division-by-zero error in the `setup format params()` function of the Linux kernel. This can be exploited to cause a denial of service. An unprivileged local user can trigger the bug by setting specific drive geometry values that result in `F SECT PER TRACK` being zero, followed by a floppy format operation. This can be done even without a floppy disk inserted, as QEMU creates the floppy device by default. **Recommendations** For Linux kernel versions prior to 5.2.3, update to version 5.2.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the floppy device to minimize the risk of exploitation.