CVE-2022-50422

In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fix use-after-free bug in smpexecutetasksg When executing SMP task failed, the smpexecutetasksg calls deltimer to delete "slowtask-timer". However, if the timer handler sastaskinternaltimedout is running, the deltim...

UBUNTU-CVE-2023-53510

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix handling of lrbp-cmd ufshcdqueuecommand may be called two times in a row for a SCSI command before it is completed. Hence make the following changes: - In the functions that submit a command, do not check the...

UBUNTU-CVE-2023-53531

In the Linux kernel, the following vulnerability has been resolved: nullblk: fix poll request timeout handling When doing iouring benchmark on /dev/nullb0, it's easy to crash the kernel if poll requests timeout triggered, as reported by David. 1 BUG: kernel NULL pointer dereference, address:...

CVE-2023-53531

Technical details for CVE-2023-53531 are not publicly available in the provided connected documents. The materials reference Linux kernel patch notes but do not disclose product/version, exploit vectors, impact, or remediation specifics.

CVE-2023-53531 null_blk: fix poll request timeout handling

In the Linux kernel, the following vulnerability has been resolved: nullblk: fix poll request timeout handling When doing iouring benchmark on /dev/nullb0, it's easy to crash the kernel if poll requests timeout triggered, as reported by David. 1 BUG: kernel NULL pointer dereference, address:...

CVE-2023-53531 null_blk: fix poll request timeout handling

In the Linux kernel, the following vulnerability has been resolved: nullblk: fix poll request timeout handling When doing iouring benchmark on /dev/nullb0, it's easy to crash the kernel if poll requests timeout triggered, as reported by David. 1 BUG: kernel NULL pointer dereference, address:...

CVE-2023-53510

CVE-2023-53510 : Linux kernel SCSI UFS core vulnerability. The issue is that ufshcd_queuecommand() could be invoked twice for a SCSI command before completion, caused by improper handling of lrbp->cmd in command submission paths. The fix, per the description, disables checking/clearing of the ...

CVE-2023-53510 scsi: ufs: core: Fix handling of lrbp->cmd

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix handling of lrbp-cmd ufshcdqueuecommand may be called two times in a row for a SCSI command before it is completed. Hence make the following changes: - In the functions that submit a command, do not check the...

CVE-2023-53510 scsi: ufs: core: Fix handling of lrbp->cmd

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix handling of lrbp-cmd ufshcdqueuecommand may be called two times in a row for a SCSI command before it is completed. Hence make the following changes: - In the functions that submit a command, do not check the...

kernel: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrack: fix crash due to removal of uninitialised entry A crash in conntrack was reported while trying to unlink the conntrack entry from the hash bucket list: exception RIP: nfctdeletefromlists+172 .. 7...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition in the polling request timeout handling in the nullblk driver, which could lead to a null...

CVE-2025-8118 Bruteforce Protection Bypass in PAD CMS

PAD CMS implements weak client-side brute-force protection by utilizing two cookies: logincount and logintimeout. Information about attempt count or timeout is not stored on the server, which allows a malicious attacker to bypass this brute-force protection by resetting those cookies. This issue...

PT-2025-46746

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The lan78xx read raw eeprom function did not correctly handle EEPROM read timeout errors -ETIMEDOUT. The function would discard the original timeout error and return only the status of a...

PT-2025-39967

Name of the Vulnerable Software and Affected Versions PAD CMS affected versions not specified Description The software utilizes weak client-side brute-force protection relying on cookies, specifically login count and login timeout. The attempt count and timeout information are not stored...

SUSE SLES15 Security Update : kernel (SUSE-SU-2025:03382-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03382-1 advisory. The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-46733: btrfs: fix qgroup reserve leaks in cowfilerange bsc1230708. CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points bsc1232089...

SUSE-SU-2025:03382-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-46733: btrfs: fix qgroup reserve leaks in cowfilerange bsc1230708. - CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points bsc1232089...

SUSE CVE-2025-39801

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Remove WARNON for device endpoint command timeouts This commit addresses a rarely observed endpoint command timeout which causes kernel panic due to warn when 'paniconwarn' is enabled and unnecessary call trace prints...

Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Container Release Update

An update is now available for Red Hat Ansible Automation Platform 2.5 Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams,...

SUSE CVE-2023-53387

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix device management cmd timeout flow In the UFS error handling flow, the host will send a device management cmd NOP OUT to the device for link recovery. If this cmd times out and clearing the doorbell fails,...