Multiple integer overflows were discovered in the GNU/Linux
version of Bitdefender when analyzing corrupted PE binaries
packed with neolite and asprotect packers.
Clamav uses an external unpacker, which can be deterministically crashed,
when processing corrupted LZH files.
The password checking routine of SafeBoot Device Encryption fails to sanitize the BIOS keyboard buffer after reading passwords, resulting in plain text password leakage to unprivileged local users.
The password checking routine of GRUB fails to sanitize the
BIOS keyboard buffer before AND after reading passwords.