Fweimer

**Name of the Vulnerable Software and Affected Versions** Rust versions 1.0.0 through 1.58.0 **Description** The `std::fs::remove dir all` standard library function in Rust is vulnerable to a race condition enabling symlink following. This issue allows an attacker to trick a privileged program into deleting files and directories that the attacker could not otherwise access or delete. The vulnerability is particularly dangerous when the affected application runs with elevated privileges, as it could lead to the deletion of important system files. **Recommendations** To resolve the issue, update to Rust 1.58.1 as soon as possible, especially if you are developing programs expected to run in privileged contexts, including system daemons and setuid binaries. For build targets that do not have usable APIs to properly mitigate the attack, such as macOS before version 10.10 (Yosemite) and REDOX, consider alternative mitigation strategies, but note that even with a patched toolchain, these targets are still vulnerable. As a temporary workaround, consider avoiding the use of the `std::fs::remove dir all` function in privileged contexts until the issue is fully resolved.

**Name of the Vulnerable Software and Affected Versions** libarchive versions 3.4.1 through 3.5.1 **Description** The issue is related to a use-after-free in the `copy string` function, which is called from `do uncompress block` and `process block` functions. This can allow a remote attacker to execute arbitrary code and affect the system, potentially leading to a denial of service. The vulnerability is associated with the use of memory after it has been freed. **Recommendations** For libarchive versions 3.4.1 through 3.5.1, consider disabling the `copy string` function as a temporary workaround until a patch is available. Restrict access to the `do uncompress block` and `process block` functions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** systemd (affected versions not specified) **Description** The issue is related to a stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd. This could potentially allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.