Set3R.Pan

**Name of the Vulnerable Software and Affected Versions** kylin-software-properties versions prior to 0.0.1-130 **Description** A critical issue has been found in the `changedSource` function, leading to improper access controls. This can be exploited locally. It is reported that the exploit has been disclosed publicly. **Recommendations** For versions prior to 0.0.1-130, upgrade to version 0.0.1-130 to address this issue. As a temporary workaround, consider restricting access to the `changedSource` function until the upgrade is applied.

**Name of the Vulnerable Software and Affected Versions** kylin-software-properties versions prior to 0.0.1-130 **Description** A critical issue affects the `setMainSource` function, leading to os command injection. This requires local access to exploit. The issue has been publicly disclosed. **Recommendations** For versions prior to 0.0.1-130, upgrade to version 0.0.1-130 to address this issue. As a temporary workaround, consider restricting access to the `setMainSource` function until the upgrade is applied.

**Name of the Vulnerable Software and Affected Versions** KylinSoft youker-assistant versions prior to 3.0.2-0kylin6k70-23 **Description** A critical issue has been found in the `restore all sound file` function, allowing for path traversal manipulation, such as '../filedir'. This issue requires local access to exploit. The issue has been publicly disclosed. **Recommendations** For versions prior to 3.0.2-0kylin6k70-23, upgrade to version 3.0.2-0kylin6k70-23 to address this issue. As a temporary workaround, consider disabling the `restore all sound file` function until the upgrade is applied.

**Name of the Vulnerable Software and Affected Versions** KylinSoft youker-assistant versions prior to 3.0.2-0kylin6k70-23 **Description** A critical issue was found in the `delete file` function of the `dbus.SystemBus` library in the Arbitrary File Handler component, leading to improper access controls. This issue can be exploited locally. **Recommendations** For versions prior to 3.0.2-0kylin6k70-23, upgrade to version 3.0.2-0kylin6k70-23 to address this issue. As a temporary workaround, consider restricting access to the `delete file` function in the `dbus.SystemBus` library until the upgrade is applied.

**Name of the Vulnerable Software and Affected Versions** KylinSoft youker-assistant versions prior to 3.1.4.13 **Description** A critical issue was found in the `adjust cpufreq scaling governer` function, leading to os command injection. The attack can be launched on the local host. **Recommendations** For versions prior to 3.1.4.13, upgrade to version 3.1.4.13 to address this issue. As a temporary workaround, consider disabling the `adjust cpufreq scaling governer` function until the patch is applied.

**Name of the Vulnerable Software and Affected Versions** kylin-activation versions prior to 1.3.11-23 and 1.30.10-5.p23 **Description** A critical issue was found in the File Import component of kylin-activation, leading to improper authorization. The attack must be approached locally. The exploit has been disclosed to the public and may be used. **Recommendations** For versions prior to 1.3.11-23, upgrade to version 1.3.11-23 to address this issue. For versions prior to 1.30.10-5.p23, upgrade to version 1.30.10-5.p23 to address this issue.