Rich Felker

**Name of the Vulnerable Software and Affected Versions** GNU Binutils versions 2.35 and earlier **Description** The issue is related to an open race window when writing output in certain utilities, including `ar`, `objcopy`, `strip`, and `ranlib`. This can be exploited by an unprivileged user to trick these utilities into gaining ownership of arbitrary files through a symlink, potentially allowing privilege escalation. The utilities are vulnerable when run as a privileged user, such as part of a script updating binaries across different users. **Recommendations** For GNU Binutils versions 2.35 and earlier, consider restricting the use of the vulnerable utilities (`ar`, `objcopy`, `strip`, and `ranlib`) when run as a privileged user to minimize the risk of exploitation. Avoid using these utilities in scripts that update binaries across different users until a fix is available. As a temporary workaround, consider disabling the use of symlinks in these utilities until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** musl libc versions prior to 1.1.24 **Description** The issue is related to an x87 floating-point stack adjustment imbalance in the math/i386/ directory of the musl libc library. This imbalance can lead to out-of-bounds writes not present in an application's source code. In some cases, exploitation of this issue may allow a remote attacker to access confidential data, compromise data integrity, and cause a denial of service. **Recommendations** For musl libc versions prior to 1.1.24, update to version 1.1.24 or later to resolve the issue. As a temporary workaround, consider restricting the use of the math/i386/ directory functions until a patch is available.

**Name of the Vulnerable Software and Affected Versions** musl libc versions 0.9.15 through 1.0.4 musl libc versions 1.1.0 through 1.1.7 **Description** A stack-based buffer overflow issue exists in the inet pton function in musl libc, which could allow attackers to have an unspecified impact. The issue is related to unknown vectors. **Recommendations** For musl libc versions 0.9.15 through 1.0.4, update to a version outside of this range to resolve the issue. For musl libc versions 1.1.0 through 1.1.7, update to a version outside of this range to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** TRE library versions (affected versions not specified) musl libc versions (affected versions not specified) **Description** The issue is related to multiple integer overflows in the TRE library and musl libc, which can be exploited by attackers to cause memory corruption. This can be achieved by providing a large number of states or tags, resulting in an out-of-bounds write. **Recommendations** For TRE library versions, consider applying configuration changes to limit the number of states or tags that can be processed to prevent memory corruption. For musl libc versions, restrict access to the library to minimize the risk of exploitation until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** glibc versions prior to 2.20 **Description** The issue arises from the send dg function in resolv/res send.c, which fails to properly reuse file descriptors. This allows remote attackers to send DNS queries to unintended locations by triggering a large number of requests that call the getaddrinfo function. **Recommendations** For versions prior to 2.20, update to version 2.20 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** musl libc versions 0.9.13 through 1.0.3 musl libc versions 1.1.x before 1.1.2 **Description** The issue is related to multiple stack-based buffer overflows in the ` dn expand` function, which can be triggered by an invalid name length in a DNS response. This can allow remote attackers to have an unspecified impact or cause a denial of service (crash), related to an infinite loop with no output. **Recommendations** For musl libc versions 0.9.13 through 1.0.3, update to version 1.0.4 or later. For musl libc versions 1.1.x before 1.1.2, update to version 1.1.2 or later. As a temporary workaround, consider restricting the use of the ` dn expand` function in the `network/dn expand.c` file until a patch is available.

**Name of the Vulnerable Software and Affected Versions** musl versions prior to 0.8.8 **Description** The issue is a stack-based buffer overflow in the fprintf function, which can be exploited by context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code. This can happen when a long string is sent to an unbuffered stream, such as stderr. **Recommendations** For versions prior to 0.8.8, update to version 0.8.8 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: screen versions prior to 4.0.3 Description: The issue is related to the handling of UTF8 combining characters in the `utf8 handle comb` function in `encoding.c`. This can be exploited by attackers to cause a denial of service, resulting in a crash or hang, via certain UTF8 sequences. The vulnerability can be exploited remotely. Recommendations: For versions prior to 4.0.3, update to version 4.0.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of UTF8 sequences in the affected function until a patch is available.