79 matches found
EUVD-2025-20934
Malicious code in bioql PyPI...
EUVD-2025-13214
Malicious code in bioql PyPI...
PT-2025-38366
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the UFS error handling flow within the Linux kernel. Specifically, if a device management command NOP OUT times out during link recovery and clearing the doorbell fails,...
CVE-2025-39803
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove WARNONONCE call from ufshcduiccmdcompl The UIC completion interrupt may be disabled while an UIC command is being processed. When the UIC completion interrupt is reenabled, an UIC interrupt is triggered an...
UBUNTU-CVE-2025-39803
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove WARNONONCE call from ufshcduiccmdcompl The UIC completion interrupt may be disabled while an UIC command is being processed. When the UIC completion interrupt is reenabled, an UIC interrupt is triggered an...
CVE-2025-39803
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove WARNONONCE call from ufshcduiccmdcompl The UIC completion interrupt may be disabled while an UIC command is being processed. When the UIC completion interrupt is reenabled, an UIC interrupt is triggered an...
PT-2025-37484
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The UIC completion interrupt may be disabled while a UIC command is being processed. When the interrupt is re-enabled, an interrupt is triggered, resulting in a kernel warning. This...
SUSE CVE-2025-38658
In the Linux kernel, the following vulnerability has been resolved: nvmet: pci-epf: Do not complete commands twice if nvmetreqinit fails Have nvmetreqinit and req-execute complete failed commands. Description of the problem: nvmetreqinit calls nvmetreqcomplete internally upon failure, e.g.,...
CVE-2025-38658 nvmet: pci-epf: Do not complete commands twice if nvmet_req_init() fails
In the Linux kernel, the following vulnerability has been resolved: nvmet: pci-epf: Do not complete commands twice if nvmetreqinit fails Have nvmetreqinit and req-execute complete failed commands. Description of the problem: nvmetreqinit calls nvmetreqcomplete internally upon failure, e.g.,...
CVE-2025-38314
In the Linux kernel, the following vulnerability has been resolved: virtio-pci: Fix result size returned for the admin command completion The result size returned by virtiopciadmindevpartsget is 8 bytes larger than the actual result data size. This occurs because the resultsgsize field of the...
CVE-2025-38314 virtio-pci: Fix result size returned for the admin command completion
In the Linux kernel, the following vulnerability has been resolved: virtio-pci: Fix result size returned for the admin command completion The result size returned by virtiopciadmindevpartsget is 8 bytes larger than the actual result data size. This occurs because the resultsgsize field of the...
CVE-2022-50215
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Allow waiting for commands to complete on removed device When a SCSI device is removed while in active use, currently sg will immediately return -ENODEV on any attempt to wait for active commands that were sent before t...
CVE-2022-49954
In the Linux kernel, the following vulnerability has been resolved: Input: iforce - wake up after clearing IFORCEXMITRUNNING flag syzbot is reporting hung task at inputunregisterdevice 1, for iforceclose waiting at waiteventinterruptible with dev-mutex held is blocking inputdisconnectdevice from...
UBUNTU-CVE-2022-49954
In the Linux kernel, the following vulnerability has been resolved: Input: iforce - wake up after clearing IFORCEXMITRUNNING flag syzbot is reporting hung task at inputunregisterdevice 1, for iforceclose waiting at waiteventinterruptible with dev-mutex held is blocking inputdisconnectdevice from...
CVE-2022-50215 scsi: sg: Allow waiting for commands to complete on removed device
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Allow waiting for commands to complete on removed device When a SCSI device is removed while in active use, currently sg will immediately return -ENODEV on any attempt to wait for active commands that were sent before t...
CVE-2022-50215 scsi: sg: Allow waiting for commands to complete on removed device
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Allow waiting for commands to complete on removed device When a SCSI device is removed while in active use, currently sg will immediately return -ENODEV on any attempt to wait for active commands that were sent before t...
CVE-2022-49954
The CVE-2022-49954 issue concerns the Linux kernel and a race where, after clearing IFORCE_XMIT_RUNNING, wake_up was not invoked, causing a hung task in input handling (hang at __input_unregister_device() during iforce_close and input_disconnect_device()). The root cause per the provided descript...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not waiting for a command to complete when a sg device is removed, which could lead to data corruption...
CVE-2025-37906
In the Linux kernel, the following vulnerability has been resolved: ublk: fix race between iouringcmdcompleteintask and ublkcancelcmd ublkcancelcmd calls iouringcmddone to complete uringcmd, but we may have scheduled task work via iouringcmdcompleteintask for dispatching request, then kernel cras...
DEBIAN-CVE-2025-37906
In the Linux kernel, the following vulnerability has been resolved: ublk: fix race between iouringcmdcompleteintask and ublkcancelcmd ublkcancelcmd calls iouringcmddone to complete uringcmd, but we may have scheduled task work via iouringcmdcompleteintask for dispatching request, then kernel cras...