Fernando Gont

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.1 ext4dev-kmp-trace (affected versions not specified) **Description** The issue affects the IPv6 implementation in the Linux kernel, making it easier for remote attackers to disrupt networking by predicting Fragment Identification values and sending crafted packets. Additionally, multiple vulnerabilities in the ext4dev-kmp-trace package of SUSE Linux Enterprise may lead to disruption of protected information availability, exploitable remotely. **Recommendations** For Linux kernel versions prior to 3.1, update to version 3.1 or later to resolve the issue. For ext4dev-kmp-trace, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** HP-UX versions (affected versions not specified) Linux kernel (affected versions not specified) **Description** A potential security issue has been identified that could be remotely exploited to cause a Denial of Service (DoS). The Linux kernel has several security issues, including a VMA handling flaw in the uselib(2) system call that could allow a local user to gain elevated privileges. Additionally, a flaw was discovered where an executable could cause a VMA overlap leading to a crash. A flaw in the page fault handler code could lead to local users gaining elevated privileges on multiprocessor machines. A flaw in the system call filtering code in the audit subsystem allowed a local user to cause a crash when auditing was enabled. **Recommendations** For HP-UX, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Linux kernel, upgrade the kernel to the packages associated with the machine architectures and configurations as listed in the erratum. As a temporary workaround, consider disabling the `uselib(2)` system call until a patch is available. Restrict access to the audit subsystem to minimize the risk of exploitation. Avoid using the `cmsg len` handling until the issue is resolved.