UBUNTU-CVE-2022-50430

In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix warning - do not call blocking ops when !TASKRUNNING vub300enablesdioirq works with mutex and need TASKRUNNING here. Ensure that we mark current as TASKRUNNING for sleepable context. 77.554641 do not call blockin...

UBUNTU-CVE-2022-50422

In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fix use-after-free bug in smpexecutetasksg When executing SMP task failed, the smpexecutetasksg calls deltimer to delete "slowtask-timer". However, if the timer handler sastaskinternaltimedout is running, the deltim...

UBUNTU-CVE-2023-53461

In the Linux kernel, the following vulnerability has been resolved: iouring: wait interruptibly for request completions on exit WHen the ring exits, cleanup is done and the final cancelation and waiting on completions is done by ioringexitwork. That function is invoked by kworker, which doesn't...

CVE-2023-53461 io_uring: wait interruptibly for request completions on exit

In the Linux kernel, the following vulnerability has been resolved: iouring: wait interruptibly for request completions on exit WHen the ring exits, cleanup is done and the final cancelation and waiting on completions is done by ioringexitwork. That function is invoked by kworker, which doesn't...

CVE-2023-53461

CVE-2023-53461 pertains to the Linux kernel’s io_uring exit path. The vulnerability comes from io_ring_exit_work, invoked by kworker, waiting on request completions in a way that could interact with signal handling. The patch changes the wait state from TASK_UNINTERRUPTIBLE to TASK_INTERRUPTIBLE ...

CVE-2022-50430

CVE-2022-50430 affects the Linux kernel mmc vub300 driver. The fix prevents calling blocking operations when the current task is not TASK_RUNNING by ensuring vub300_enable_sdio_irq() uses proper mutex usage and marks the current task as TASK_RUNNING in a sleepable context. This reduces a potentia...

CVE-2022-50430 mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING

In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix warning - do not call blocking ops when !TASKRUNNING vub300enablesdioirq works with mutex and need TASKRUNNING here. Ensure that we mark current as TASKRUNNING for sleepable context. 77.554641 do not call blockin...

CVE-2022-50430 mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING

In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix warning - do not call blocking ops when !TASKRUNNING vub300enablesdioirq works with mutex and need TASKRUNNING here. Ensure that we mark current as TASKRUNNING for sleepable context. 77.554641 do not call blockin...

CVE-2022-50422 scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()

In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fix use-after-free bug in smpexecutetasksg When executing SMP task failed, the smpexecutetasksg calls deltimer to delete "slowtask-timer". However, if the timer handler sastaskinternaltimedout is running, the deltim...

CVE-2022-50422 scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()

In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fix use-after-free bug in smpexecutetasksg When executing SMP task failed, the smpexecutetasksg calls deltimer to delete "slowtask-timer". However, if the timer handler sastaskinternaltimedout is running, the deltim...

CVE-2022-50422 scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()

In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fix use-after-free bug in smpexecutetasksg When executing SMP task failed, the smpexecutetasksg calls deltimer to delete "slowtask-timer". However, if the timer handler sastaskinternaltimedout is running, the deltim...

CVE-2022-50422

CVE-2022-50422 affects the Linux kernel’s SCSI LIBSAS path. When SMP task execution fails, smp_execute_task_sg() calls del_timer() to remove slow_task->timer, but if sas_task_internal_timedout() is running, the timer isn’t stopped, causing a use-after-free of task->slow_task. The fix is to ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ioringexitwork function waiting for a request to complete without using an interruptible state, which...

PT-2025-40115

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc5 Description The Linux kernel contained an issue within the vub300 driver related to handling interrupts in sleepable contexts. Specifically, the vub300 enable sdio irq function did not properly ensure...

PT-2025-40107

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the libsas component of the Linux kernel, specifically within the smp execute task sg function. This occurs when an SMP task execution fails, and the del...

CVE-2025-41250 Header injection vulnerability

VMware vCenter contains an SMTP header injection vulnerability. A malicious actor with non-administrative privileges on vCenter who has permission to create scheduled tasks may be able to manipulate the notification emails sent for scheduled tasks...

SecInfer: Preventing Prompt Injection Via Inference-Time Scaling

Prompt injection attacks pose a pervasive threat to the security of Large Language Models LLMs. State-of-the-art prevention-based defenses typically rely on fine-tuning an LLM to enhance its security, but they achieve limited effectiveness against strong attacks. In this work, we propose...

PT-2025-39851

Name of the Vulnerable Software and Affected Versions VMware vCenter affected versions not specified Description VMware vCenter contains an SMTP header injection vulnerability. An attacker with non-administrative privileges on vCenter, who has permission to create scheduled tasks, may be able to...

CVE-2025-11071

A security vulnerability has been detected in SeaCMS 13.3.20250820. Impacted is an unknown function of the file /admincron.php of the component Cron Task Management Module. The manipulation of the argument resourcefrom/collectID leads to sql injection. The attack can be initiated remotely. The...

CVE-2025-11071

A security vulnerability has been detected in SeaCMS 13.3.20250820. Impacted is an unknown function of the file /admincron.php of the component Cron Task Management Module. The manipulation of the argument resourcefrom/collectID leads to sql injection. The attack can be initiated remotely. The...