Pedro Pinto

**Name of the Vulnerable Software and Affected Versions** Microsoft HoloLens 1 (Windows Holographic) versions 10.0.17763.3046 and earlier Microsoft HoloLens 2 (Windows Holographic) versions 10.0.22621.1244 and earlier **Description** The pairing API request handler in Microsoft HoloLens allows remote attackers to cause a Denial of Service by sending many requests through the Device Portal framework, resulting in resource consumption and device unusability. **Recommendations** For Microsoft HoloLens 1 (Windows Holographic) versions 10.0.17763.3046 and earlier, update to a version later than 10.0.17763.3046 to resolve the issue. For Microsoft HoloLens 2 (Windows Holographic) versions 10.0.22621.1244 and earlier, update to a version later than 10.0.22621.1244 to resolve the issue. As a temporary workaround, consider restricting access to the Device Portal framework to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a use after free (UAF) vulnerability in the Linux kernel. It occurs when an active old-style ingress or clsact qdisc with a shared tc block is later replaced by another ingress or clsact instance, causing the tcx entry to be released too early. The sequence to trigger the UAF involves creating a network namespace, allocating a tcx entry, and then replacing the qdisc, which frees the previously linked tcx entry. Later, when the network namespace is closed, it accesses the already freed tcx entry, leading to the UAF. The correct fix is to turn the miniq active boolean into a counter, ensuring the tcx entry is freed at the correct time. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.