Michael Jennings

**Name of the Vulnerable Software and Affected Versions** Library of Assorted Spiffy Things (LibAST) versions 0.6.1 and earlier libast versions prior to 0.7 **Description** The issue allows local users to execute arbitrary code via a long command line argument, potentially leading to disruption of confidentiality, integrity, and availability of protected information. Exploitation can be carried out by a local attacker. **Recommendations** For Library of Assorted Spiffy Things (LibAST) versions 0.6.1 and earlier, consider updating to a version later than 0.6.1. For libast versions prior to 0.7, update to version 0.7 or later. As a temporary workaround, consider restricting access to the vulnerable `libast` package until a patch is available. Avoid using long command line arguments for the `-X` option, which specifies an alternative configuration file name, until the issue is resolved.