Openrazer · Openrazer · CVE-2022-23467
**Name of the Vulnerable Software and Affected Versions**
OpenRazer versions prior to 3.5.1
**Description**
OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. Using a modified USB device, an attacker can leak stack addresses of the `razer_attr_read_dpi_stages` function, potentially bypassing KASLR. To exploit this issue, an attacker would need access to a user's keyboard or mouse, or would need to convince a user to use a modified device.
**Recommendations**
For versions prior to 3.5.1, upgrade to version 3.5.1 or later to resolve the issue.
As a general precaution, users should be reminded not to plug in unknown USB devices.