Jimmy

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a buffer overflow in the Linux kernel, allowing an attacker to write memory out of bounds. This can be achieved by sending malicious data to the kernel using the ioctl cmd FBIOPUT VSCREENINFO. The exploitation of this issue may allow an attacker to execute arbitrary code. A missing bounds check in the fbcon set font() function of fbcon.c can lead to a possible out of bounds write, resulting in local information disclosure without requiring additional execution privileges. User interaction is not needed for exploitation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a boundary error when setting a font with malicious data using the ioctl cmd PIO FONT, which can cause the kernel to write memory out of bounds. This can potentially allow an attacker to initiate unlimited writing and execute arbitrary code with elevated privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 60 Firefox ESR versions prior to 52.8 Thunderbird versions prior to 52.8 Thunderbird ESR versions prior to 52.8 Windows 10 versions April 2018 Update and later **Description** The issue is related to the incorrect setting of the `SEE MASK FLAG NO UI` flag by Firefox when downloading files, leading to less secure behavior from Windows Defender SmartScreen. This allows unknown and potentially dangerous files to run without prompting the user for a decision. The vulnerability is also associated with errors in processing permissions in the baseURI component of Firefox ESR, Firefox, and Thunderbird, which can be exploited by a remote attacker to compromise the integrity of protected information. **Recommendations** For Firefox versions prior to 60, update to version 60 or later. For Firefox ESR versions prior to 52.8, update to version 52.8 or later. For Thunderbird versions prior to 52.8, update to version 52.8 or later. For Thunderbird ESR versions prior to 52.8, update to version 52.8 or later. For Windows 10 users running the April 2018 update or later, ensure that Windows Defender SmartScreen is configured to prompt the user for a decision when downloading unknown files.