Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: ufs: core: mcq: Fix for the deadlock issue caused by &hwq-cqlock When the ufscdhandleerrhandler function is executed, the CQ event interrupt may enter a waiting state for the same lock. This can occur in...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37828)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37828 advisory. - In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: mcq: Add NULL check in...

CVE-2025-15140

A vulnerability was found in saiftheboss7 onlinemcqexam up to 0e56806132971e49721db3ef01868098c7b42ada. This vulnerability affects unknown code of the file /admin/quesadd.php. Performing manipulation of the argument ans1/ans2 results in sql injection. The attack is possible to be carried out...

CVE-2025-15140 saiftheboss7 onlinemcqexam quesadd.php sql injection

A vulnerability was found in saiftheboss7 onlinemcqexam up to 0e56806132971e49721db3ef01868098c7b42ada. This vulnerability affects unknown code of the file /admin/quesadd.php. Performing manipulation of the argument ans1/ans2 results in sql injection. The attack is possible to be carried out...

PT-2025-53655

Name of the Vulnerable Software and Affected Versions saiftheboss7 onlinemcqexam versions prior to 0e56806132971e49721db3ef01868098c7b42ada Description A SQL injection issue exists in saiftheboss7 onlinemcqexam. The issue is located in the file /admin/quesadd.php and involves manipulation of the...

UBUNTU-CVE-2023-53760

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: mcq: Fix &hwq-cqlock deadlock issue When ufshcderrhandler is executed, CQ event interrupt can enter waiting for the same lock. This can happen in ufshcdhandlemcqcqevents and also in ufsmtkmcqintr. The following...

CVE-2023-53760

The CVE-2023-53760 entry describes a Linux kernel deadlock in the SCSI/UFS MCQ path. Root cause: ufshcd_err_handler() can trigger CQ event interrupts while holding hwq->cq_lock, allowing a competing IRQ/worker to acquire the same lock in hard IRQ context, risking a deadlock. Affected component...

EUVD-2025-13958

Malicious code in bioql PyPI...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Add NULL check in ufshcdmcqcomplpendingtransfer Add a NULL check for the returned hwq pointer by ufshcdmcqreqtohwq. This is similar to the fix in commit 74736103fb41 "scsi: ufs: core: Fix ufshcdabortone racing...

DEBIAN-CVE-2025-37828

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: mcq: Add NULL check in ufshcdmcqabort A race can occur between the MCQ completion path and the abort handler: once a request completes, blkmqfreerequest sets rq-mqhctx to NULL, meaning the subsequent ufshcdmcqreqtohwq...

AZL-62624 CVE-2025-37826 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Add NULL check in ufshcdmcqcomplpendingtransfer Add a NULL check for the returned hwq pointer by ufshcdmcqreqtohwq. This is similar to the fix in commit 74736103fb41 "scsi: ufs: core: Fix ufshcdabortone racing...

DEBIAN-CVE-2025-37826

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Add NULL check in ufshcdmcqcomplpendingtransfer Add a NULL check for the returned hwq pointer by ufshcdmcqreqtohwq. This is similar to the fix in commit 74736103fb41 "scsi: ufs: core: Fix ufshcdabortone racing...

UBUNTU-CVE-2025-37828

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: mcq: Add NULL check in ufshcdmcqabort A race can occur between the MCQ completion path and the abort handler: once a request completes, blkmqfreerequest sets rq-mqhctx to NULL, meaning the subsequent ufshcdmcqreqtohwq...

PT-2025-20357

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition can occur between the MCQ completion path and the abort handler in the Linux kernel. Once a request completes, blk mq free request sets rq-mq hctx to NULL, meaning the...

CVE-2024-46843

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove SCSI host only if added If host tries to remove ufshcd driver from a UFS device it would cause a kernel panic if ufshcdasyncscan fails during ufshcdprobehba before adding a SCSI host with scsiaddhost and M...

AZL-50147 CVE-2024-46843 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove SCSI host only if added If host tries to remove ufshcd driver from a UFS device it would cause a kernel panic if ufshcdasyncscan fails during ufshcdprobehba before adding a SCSI host with scsiaddhost and M...

CVE-2024-46843

CVE-2024-46843 concerns the Linux kernel SCSI/UFS path. The issue arises when removing the ufshcd driver from a UFS device, potentially causing a kernel panic if ufshcd_async_scan fails during ufshcd_probe_hba before a SCSI host is added. The fix is to guarantee the SCSI host is removed only if i...

CVE-2024-46843 scsi: ufs: core: Remove SCSI host only if added

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove SCSI host only if added If host tries to remove ufshcd driver from a UFS device it would cause a kernel panic if ufshcdasyncscan fails during ufshcdprobehba before adding a SCSI host with scsiaddhost and M...

CVE-2024-46843 scsi: ufs: core: Remove SCSI host only if added

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove SCSI host only if added If host tries to remove ufshcd driver from a UFS device it would cause a kernel panic if ufshcdasyncscan fails during ufshcdprobehba before adding a SCSI host with scsiaddhost and M...

Online mcq System 1.0 Cross Site Scripting

============================================================================================================================================= | Title : Online mcq System 1.0 XSS vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64 bits | |...