CVE-2025-47775 Bullfrog's DNS over TCP bypasses domain filtering

Bullfrog is a GithHb Action to block unauthorized outbound traffic in GitHub workflows. Prior to version 0.8.4, using tcp breaks blocking and allows DNS exfiltration. This can result in sandbox bypass. Version 0.8.4 fixes the issue...

kernel: iommu/s390: Implement blocking domain

In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Implement blocking domain This fixes a crash when surprise hot-unplugging a PCI device. This crash happens because during hot-unplug iommugroupsetdomainnofail attaching the default domain fails when the platform no...

kernel: iommu/s390: Implement blocking domain

In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Implement blocking domain This fixes a crash when surprise hot-unplugging a PCI device. This crash happens because during hot-unplug iommugroupsetdomainnofail attaching the default domain fails when the platform no...

[SECURITY] Fedora 41 Update: nodejs22-22.15.0-2.fc41

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

[SECURITY] Fedora 42 Update: nodejs22-22.15.0-2.fc42

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

Tired of Google sponsored ads? So are we! That’s why we’re introducing the option to block them on iOS

Sponsored ads on Google search don’t just irritate users—they also provide a dangerous opportunity for cybercriminals to spread malware and scams to their unsuspecting victims. What looks like a harmless search result can be a carefully disguised trap. At Malwarebytes, our researchers have...

CVE-2025-37802

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix WARNING "do not call blocking ops when !TASKRUNNING" waiteventtimeout will set the state of the current task to TASKUNINTERRUPTIBLE, before doing the condition check. This means that ksmbddurablescavengeralive will try...

DEBIAN-CVE-2025-37802

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix WARNING "do not call blocking ops when !TASKRUNNING" waiteventtimeout will set the state of the current task to TASKUNINTERRUPTIBLE, before doing the condition check. This means that ksmbddurablescavengeralive will try...

UBUNTU-CVE-2025-37802

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix WARNING "do not call blocking ops when !TASKRUNNING" waiteventtimeout will set the state of the current task to TASKUNINTERRUPTIBLE, before doing the condition check. This means that ksmbddurablescavengeralive will try...

CVE-2025-37802 ksmbd: fix WARNING "do not call blocking ops when !TASK_RUNNING"

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix WARNING "do not call blocking ops when !TASKRUNNING" waiteventtimeout will set the state of the current task to TASKUNINTERRUPTIBLE, before doing the condition check. This means that ksmbddurablescavengeralive will try...

CVE-2025-37802

CVE-2025-37802 affects the Linux kernel’s ksmbd path. The issue arises from wait_event_timeout() potentially leaving the current task in TASK_UNINTERRUPTIBLE and then acquiring a mutex in ksmbd_durable_scavenger_alive(), which can sleep while holding a lock. The fix removes the unnecessary mutex ...

CVE-2025-37802 ksmbd: fix WARNING "do not call blocking ops when !TASK_RUNNING"

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix WARNING "do not call blocking ops when !TASKRUNNING" waiteventtimeout will set the state of the current task to TASKUNINTERRUPTIBLE, before doing the condition check. This means that ksmbddurablescavengeralive will try...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from calling blocking operations in a non-running state...

[SECURITY] Fedora 41 Update: nodejs20-20.19.1-1.fc41

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

The vulnerability of the microprogramming software of the Uniswap Universal Router, which allows a hacker to cause a service failure.

The vulnerability of the Uniswap Universal Router’s microprogramming software is related to insufficient blocking mechanisms. Exploiting this vulnerability could allow a malicious actor to cause service failures...

CVE-2023-53089 ext4: fix task hung in ext4_xattr_delete_inode

In the Linux kernel, the following vulnerability has been resolved: ext4: fix task hung in ext4xattrdeleteinode Syzbot reported a hung task problem: ================================================================== INFO: task syz-executor232:5073 blocked for more than 143 seconds. Not tainted...

CVE-2023-53045 usb: gadget: u_audio: don't let userspace block driver unbind

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uaudio: don't let userspace block driver unbind In the unbind callback for fuac1 and fuac2, a call to sndcardfree via gaudiocleanup will disconnect the card and then wait for all resources to be released, which happe...

The vulnerability of the Linux operating system’s powerpc/pseries kernel components, which allows a hacker to cause a service failure

The vulnerability of the Linux operating system’s powerpc/pseries kernel components is related to improper blocking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the bpf component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the bpf component in the Linux operating system’s kernel is related to improper blocking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2022-49767 9p/trans_fd: always use O_NONBLOCK read/write

In the Linux kernel, the following vulnerability has been resolved: 9p/transfd: always use ONONBLOCK read/write syzbot is reporting hung task at p9fdclose 1, for p9muxpollstop from p9conndestroy from p9fdclose is failing to interrupt already started kernelread from p9fdread from p9readwork and/or...