Xuanzhe Yu

Name of the Vulnerable Software and Affected Versions: NVIDIA NeMo Framework (affected versions not specified) Description: The NVIDIA NeMo Framework contains an issue in the NLP component that could allow an attacker to inject code through maliciously crafted data. A successful exploit may lead to code execution, privilege escalation, information disclosure, and data tampering. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: NVIDIA NeMo Framework (affected versions not specified) Description: The NVIDIA NeMo Framework contains an issue in the NLP component that could allow an attacker to inject code through malicious data. A successful exploit may lead to code execution, escalation of privileges, information disclosure, and data tampering. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A slab-out-of-bounds read can occur in the Linux kernel when the `->NameOffset` of `smb2 create req` is smaller than the Buffer offset of `smb2 create req`. This issue is resolved by setting the minimum value of the name offset to the buffer offset to validate the name length of `smb2 create req()`. The vulnerability is related to the `ksmbd` component and the `smb strndup from utf16()` function. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.