Uwe Kleine-König

**Name of the Vulnerable Software and Affected Versions** uscan (affected versions not specified) **Description** uscan, a tool included in devscripts, skips OpenPGP verification for files already downloaded, even if a previous verification failed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to an out-of-bounds access in the `of pwm single xlate()` function of the Linux kernel's PWM (Pulse Width Modulation) driver. This can potentially allow an attacker to impact the confidentiality, integrity, and availability of protected information. The problem occurs when `args->args count` equals 2, and `args->args[2]` is not defined, while the flags are actually contained in `args->args[1]`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.