Kees

#6891 of 53,622
39.3 Total CVSS
Vulnerabilities · 7
Medium: 6
High: 1
PT-2011-5205
4.6
1970-01-01
Linux Pam · Pam · CVE-2011-3148
**Name of the Vulnerable Software and Affected Versions**

- openSUSE pam versions prior to 1.1.5
- SUSE Linux Enterprise pam versions prior to 1.1.5
- Debian GNU/Linux pam versions prior to 1.1.5
- openSUSE pam-32bit versions prior to 1.1.5
- SUSE Linux Enterprise pam-32bit versions prior to 1.1.5
- openSUSE pam-devel versions prior to 1.1.5
- SUSE Linux Enterprise pam-devel versions prior to 1.1.5
- SUSE Linux Enterprise pam-devel-32bit versions prior to 1.1.5
- openSUSE pam-devel-32bit versions prior to 1.1.5
- SUSE Linux Enterprise pam-devel-64bit versions prior to 1.1.5

**Description**

The issue is related to multiple vulnerabilities in the pam package of various Linux operating systems, including openSUSE, SUSE Linux Enterprise, and Debian GNU/Linux. These vulnerabilities can be exploited locally, potentially leading to a violation of confidentiality, integrity, and availability of protected information. A specific vulnerability is a stack-based buffer overflow in the `_assemble_line` function in `modules/pam_env/pam_env.c` in Linux-PAM before version 1.1.5, which allows local users to cause a denial of service and possibly execute arbitrary code via a long string of white spaces at the beginning of the `~/.pam_environment` file.

**Recommendations**

- For openSUSE pam versions prior to 1.1.5, update to version 1.1.5 or later.
- For SUSE Linux Enterprise pam versions prior to 1.1.5, update to version 1.1.5 or later.
- For Debian GNU/Linux pam versions prior to 1.1.5, update to version 1.1.5 or later.
- For openSUSE pam-32bit versions prior to 1.1.5, update to version 1.1.5 or later.
- For SUSE Linux Enterprise pam-32bit versions prior to 1.1.5, update to version 1.1.5 or later.
- For openSUSE pam-devel versions prior to 1.1.5, update to version 1.1.5 or later.
- For SUSE Linux Enterprise pam-devel versions prior to 1.1.5, update to version 1.1.5 or later.
- For SUSE Linux Enterprise pam-devel-32bit versions prior to 1.1.5, update to version 1.1.5 or later.
- For openSUSE pam-devel-32bit versions prior to 1.1.5, update to version 1.1.5 or later.
- For SUSE Linux Enterprise pam-devel-64bit versions prior to 1.1.5, update to version 1.1.5 or later.

As a temporary workaround, consider restricting access to the `~/.pam_environment` file to minimize the risk of exploitation.
PT-2007-7496
7.6
1970-01-01
Hewlett Packard · Hplip-Doc · CVE-2007-5208
**Name of the Vulnerable Software and Affected Versions**

- hplip versions 1.x through 2.x before 2.7.10
- hplip-data (affected versions not specified)
- hpijs-ppds (affected versions not specified)
- hplip-doc (affected versions not specified)
- hplip-dbg (affected versions not specified)
- hpijs (affected versions not specified)

**Description**

The issue concerns multiple vulnerabilities in the hplip package and its related components in Debian GNU/Linux, which can lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. The `hpssd` component in hplip is specifically vulnerable to context-dependent attacks, allowing the execution of arbitrary commands via shell metacharacters in a from address when invoking sendmail.

**Recommendations**

- For hplip versions 1.x through 2.x before 2.7.10, update to version 2.7.10 or later.
- For hplip-data, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
- For hpijs-ppds, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
- For hplip-doc, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
- For hplip-dbg, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
- For hpijs, at the moment, there is no information about a newer version that contains a fix for this vulnerability.