Herbert Xu

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a memory leak in the crypto component of the Linux kernel, specifically in the qat (Quick Assist Technology) module. The problem arises when using `completion done` to determine if the caller has gone away, which only works after a complete call. Additionally, there's a possibility that the caller has not yet called `wait for completion`, resulting in another potential use-after-free (UAF). The fix involves making the caller use `cancel work sync` and then freeing the memory safely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 2.6.30 and 2.6.30.1 Description: The issue allows local users to gain privileges via vectors involving a NULL pointer dereference and an mmap of /dev/net/tun. This is due to the tun chr poll function in drivers/net/tun.c in the tun subsystem. Recommendations: For Linux kernel versions 2.6.30 and 2.6.30.1, consider compiling the kernel with the -fno-delete-null-pointer-checks gcc option to mitigate the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 2.6.15.3 **Description** The issue arises when constructing an ICMP response in the icmp send function, which fails to properly handle the failure of the ip options echo function in icmp.c. This allows remote attackers to cause a denial of service (crash) through specific vectors, including the use of record-route and timestamp IP options with the needaddr bit set and a truncated value. **Recommendations** For Linux kernel versions prior to 2.6.15.3, update to version 2.6.15.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iptables (affected versions not specified) **Description** The issue allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface, specifically through the `ipq read` and `ipulog read` functions. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Debian GNU/Linux kernel versions prior to 2.6.8 Debian GNU/Linux kernel-headers versions prior to 2.6.8 Debian GNU/Linux kernel-image versions prior to 2.6.8 Debian GNU/Linux kernel-pcmcia-modules versions prior to 2.6.8 Debian GNU/Linux lm-sensors versions prior to 2.4.27-3 Debian GNU/Linux i2c versions prior to 2.4.27-3 **Description** The Linux kernel does not properly restrict socket policy access to users with the CAP NET ADMIN capability, which could allow local users to conduct unauthorized activities. The vulnerability can be exploited remotely. The issue affects multiple packages in the Debian GNU/Linux operating system, including the kernel, kernel-headers, kernel-image, kernel-pcmcia-modules, lm-sensors, and i2c. **Recommendations** For Debian GNU/Linux kernel versions prior to 2.6.8, update to version 2.6.8 or later. For Debian GNU/Linux kernel-headers versions prior to 2.6.8, update to version 2.6.8 or later. For Debian GNU/Linux kernel-image versions prior to 2.6.8, update to version 2.6.8 or later. For Debian GNU/Linux kernel-pcmcia-modules versions prior to 2.6.8, update to version 2.6.8 or later. For Debian GNU/Linux lm-sensors versions prior to 2.4.27-3, update to version 2.4.27-3 or later. For Debian GNU/Linux i2c versions prior to 2.4.27-3, update to version 2.4.27-3 or later.