Martin Wilck

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.6.58 **Description** The issue is related to an off-by-one error in the `sd read block characteristics()` function. If a device returns page 0xb1 with a length of 8, this function may attempt an out-of-bounds memory access when accessing the zoned field at offset 8. This could potentially allow an attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** For Linux kernel versions prior to 6.6.58, update to version 6.6.58 or later to resolve the issue. As a temporary workaround, consider restricting access to the `sd read block characteristics()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** SUSE Linux Enterprise Server 12-SP5 permissions versions prior to 20170707 openSUSE Leap 15.3 permissions versions prior to 20200127 openSUSE Leap 15.4 permissions versions prior to 20201225 openSUSE Leap Micro 5.2 permissions versions prior to 20181225 **Description** The issue is related to an Incorrect Authorization vulnerability in the chkstat component. It did not consider group writable path components, allowing local attackers with access to a group that can write to a location included in the path to a privileged binary to influence path resolution. **Recommendations** For SUSE Linux Enterprise Server 12-SP5 permissions versions prior to 20170707, update to a version after 20170707 to resolve the issue. For openSUSE Leap 15.3 permissions versions prior to 20200127, update to a version after 20200127 to resolve the issue. For openSUSE Leap 15.4 permissions versions prior to 20201225, update to a version after 20201225 to resolve the issue. For openSUSE Leap Micro 5.2 permissions versions prior to 20181225, update to a version after 20181225 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 1.6.x through 1.6.10 Wireshark versions 1.8.x through 1.8.2 **Description** The issue allows remote attackers to cause a denial of service, resulting in an infinite loop and CPU consumption. This is achieved by providing a small value for a certain length field in a capture file. **Recommendations** For Wireshark versions 1.6.x through 1.6.10, update to a version outside of this range to resolve the issue. For Wireshark versions 1.8.x through 1.8.2, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting the use of the dissect drda function in epan/dissectors/packet-drda.c until a patch is available.