CVE-2022-49954

The CVE-2022-49954 issue concerns the Linux kernel and a race where, after clearing IFORCE_XMIT_RUNNING, wake_up was not invoked, causing a hung task in input handling (hang at __input_unregister_device() during iforce_close and input_disconnect_device()). The root cause per the provided descript...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not waiting for an IRQ to complete, which could lead to stack corruption...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not waiting for a command to complete when a sg device is removed, which could lead to data corruption...

SHADE-Arena: Evaluating Sabotage and Monitoring in LLM Agents

As Large Language Models LLMs are increasingly deployed as autonomous agents in complex and long horizon settings, it is critical to evaluate their ability to sabotage users by pursuing hidden objectives. We study the ability of frontier LLMs to evade monitoring and achieve harmful hidden goals...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy-enablecompletion only when we wait for it. The pm8001phycontrol function populates the enablecompletion pointer with a stack address, sends a PHYLINKRESET/PHYHARDRESET, waits for 300 milliseconds, and then...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix NULL pointer access Resources should only be released after all threads that utilize them have been destroyed. This commit ensures that resources are not released prematurely by waiting for the associated...

Astra Linux - Vulnerability in linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Ensure the job pointer is set to NULL after the job completes After a job completes, the corresponding pointer in the device must be set to NULL. Failure to do so triggers a warning when unloading the driver, as it appea...

SUSE CVE-2025-37995

In the Linux kernel, the following vulnerability has been resolved: module: ensure that kobjectput is safe for module type kobjects In 'lookuporcreatemodulekobject', an internal kobject is created using 'modulektype'. So call to 'kobjectput' on error handling path causes an attempt to use an...

DEBIAN-CVE-2025-37995

In the Linux kernel, the following vulnerability has been resolved: module: ensure that kobjectput is safe for module type kobjects In 'lookuporcreatemodulekobject', an internal kobject is created using 'modulektype'. So call to 'kobjectput' on error handling path causes an attempt to use an...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the UCSI driver not waiting for all tasks to complete before partner removal...

Cloud Netscaler console security advisory scan stuck on In Progress

Trying to run the security advisory scan from cloud.com but the scan and it looks like the previous three scans are not completing, It is stuck on "In Progress."...

CVE-2024-32919

In lwisaddcompletionfence of lwisfence.c, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21197

In btmaclprocessscacmplpkt of btmacl.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2023-20953

In onPrimaryClipChanged of ClipboardListener.java, there is a possible way to bypass factory reset protection due to incorrect UI being shown prior to setup completion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

DRUPAL-CONTRIB-2025-067

This module enables you to pay for Commerce order to an environment provided and secured by the bank The module doesn't sufficiently verify the payment status on canceled orders. An attacker can issue a specially crafted request to update the order status to completed...

kernel: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink

In Linux kernel net/mlx5e, for SHAMPO, it is possible to receive CQEs with 0 consumed strides for the same WQE even after the WQE is fully consumed and unlinked. This triggers an additional unlink for the same wqe which corrupts the linked list...

CVE-2025-37906

In the Linux kernel, the following vulnerability has been resolved: ublk: fix race between iouringcmdcompleteintask and ublkcancelcmd ublkcancelcmd calls iouringcmddone to complete uringcmd, but we may have scheduled task work via iouringcmdcompleteintask for dispatching request, then kernel cras...

DEBIAN-CVE-2025-37906

In the Linux kernel, the following vulnerability has been resolved: ublk: fix race between iouringcmdcompleteintask and ublkcancelcmd ublkcancelcmd calls iouringcmddone to complete uringcmd, but we may have scheduled task work via iouringcmdcompleteintask for dispatching request, then kernel cras...

CVE-2025-37906 ublk: fix race between io_uring_cmd_complete_in_task and ublk_cancel_cmd

In the Linux kernel, the following vulnerability has been resolved: ublk: fix race between iouringcmdcompleteintask and ublkcancelcmd ublkcancelcmd calls iouringcmddone to complete uringcmd, but we may have scheduled task work via iouringcmdcompleteintask for dispatching request, then kernel cras...

Robust Federated Learning with Confidence-Weighted Filtering and GAN-Based Completion under Noisy and Incomplete Data

Federated learning FL presents an effective solution for collaborative model training while maintaining data privacy across decentralized client datasets. However, data quality issues such as noisy labels, missing classes, and imbalanced distributions significantly challenge its effectiveness. Th...