Shota Zaizen

**Name of the Vulnerable Software and Affected Versions** Linux ksmbd (affected versions not specified) **Description** A remote memory corruption issue exists in the ACL inheritance path. Remote clients with directory creation permissions can trigger a heap out-of-bounds read and subsequent heap corruption by setting a crafted DACL (Discretionary Access Control List) with a malformed SID (Security Identifier) containing an inflated `num subauth` field. This is achieved by creating a directory, setting the malicious DACL via the 'SMB2 SET INFO' endpoint, and creating child entries. This can lead to kernel instability, denial of service, or potential privilege escalation to kernel code execution. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** radare2 versions prior to commit bc5a890 **Description** An issue exists in the 'afsv/afsvj' command path where crafted ELF binaries can embed malicious r2 command sequences as DWARF `DW TAG formal parameter` names. When the software analyzes a binary using the `aaa` command and subsequently runs `afsvj`, unsanitized parameter interpolation in the `pfq` command string allows for arbitrary shell command execution. **Recommendations** Update to the version containing commit bc5a890.