Zx2C4

**Name of the Vulnerable Software and Affected Versions** Linux versions prior to 5.3.4 **Description** A local attacker can exploit a reference count usage error in the `fib6 rule suppress()` function in the fib6 suppression feature of the `net/ipv6/fib6 rules.c` file, when handling the `FIB LOOKUP NOREF` flag, to corrupt memory. This issue is related to the lack of resource release after its expiration, which can allow an attacker to cause memory damage. **Recommendations** For versions prior to 5.3.4, update to version 5.3.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the `fib6 rule suppress()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Go versions prior to 1.12.2 **Description** The issue is related to the misuse of certain LoadLibrary functionality in Go on Windows, leading to DLL injection. **Recommendations** For Go versions prior to 1.12.2, update to version 1.12.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** QEMU versions prior to 2.5.0-r1 Gentoo QEMU package before 2.5.0-r1 **Description** The issue is caused by synchronization errors when using a shared resource in the QEMU hardware emulator. Exploitation of this issue may allow a remote attacker to cause a denial of service or elevate privileges in the guest operating system. **Recommendations** For QEMU versions prior to 2.5.0-r1, update to version 2.5.0-r1 or later to resolve the issue. For the Gentoo QEMU package before 2.5.0-r1, update to version 2.5.0-r1 or later to resolve the issue.