Vulnerabilities

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Seerox WP Dynamic Keywords Injector allows Reflected XSS.This issue affects WP Dynamic Keywords Injector: from n/a through 2.3.18.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Momoyoga Yoga Schedule Momoyoga allows Stored XSS.This issue affects Yoga Schedule Momoyoga: from n/a through 2.7.0.

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> efi: runtime: Fix potential overflow of soft-reserved region size<br /> <br /> md_size will have been narrowed if we have &gt;= 4GB worth of pages in a<br /> soft-reserved region.

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> block: Fix WARNING in _copy_from_iter<br /> <br /> Syzkaller reports a warning in _copy_from_iter because an<br /> iov_iter is supposedly used in the wrong direction. The reason<br /> is that syzcaller managed to generate a request with<br /> a transfer direction of SG_DXFER_TO_FROM_DEV. This instructs<br /> the kernel to copy user buffers into the kernel, read into<br /> the copied buffers and then copy the data back to user space.<br /> <br /> Thus the iovec is used in both directions.<br /> <br /> Detect this situation in the block layer and construct a new<br /> iterator with the correct direction for the copy-in.

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> nvme-fc: do not wait in vain when unloading module<br /> <br /> The module exit path has race between deleting all controllers and<br /> freeing &amp;#39;left over IDs&amp;#39;. To prevent double free a synchronization<br /> between nvme_delete_ctrl and ida_destroy has been added by the initial<br /> commit.<br /> <br /> There is some logic around trying to prevent from hanging forever in<br /> wait_for_completion, though it does not handling all cases. E.g.<br /> blktests is able to reproduce the situation where the module unload<br /> hangs forever.<br /> <br /> If we completely rely on the cleanup code executed from the<br /> nvme_delete_ctrl path, all IDs will be freed eventually. This makes<br /> calling ida_destroy unnecessary. We only have to ensure that all<br /> nvme_delete_ctrl code has been executed before we leave<br /> nvme_fc_exit_module. This is done by flushing the nvme_delete_wq<br /> workqueue.<br /> <br /> While at it, remove the unused nvme_fc_wq workqueue too.

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> scsi: target: core: Add TMF to tmr_list handling<br /> <br /> An abort that is responded to by iSCSI itself is added to tmr_list but does<br /> not go to target core. A LUN_RESET that goes through tmr_list takes a<br /> refcounter on the abort and waits for completion. However, the abort will<br /> be never complete because it was not started in target core.<br /> <br /> Unable to locate ITT: 0x05000000 on CID: 0<br /> Unable to locate RefTaskTag: 0x05000000 on CID: 0.<br /> wait_for_tasks: Stopping tmf LUN_RESET with tag 0x0 ref_task_tag 0x0 i_state 34 t_state ISTATE_PROCESSING refcnt 2 transport_state active,stop,fabric_stop<br /> wait for tasks: tmf LUN_RESET with tag 0x0 ref_task_tag 0x0 i_state 34 t_state ISTATE_PROCESSING refcnt 2 transport_state active,stop,fabric_stop<br /> ...<br /> INFO: task kworker/0:2:49 blocked for more than 491 seconds.<br /> task:kworker/0:2 state:D stack: 0 pid: 49 ppid: 2 flags:0x00000800<br /> Workqueue: events target_tmr_work [target_core_mod]<br /> Call Trace:<br /> __switch_to+0x2c4/0x470<br /> _schedule+0x314/0x1730<br /> schedule+0x64/0x130<br /> schedule_timeout+0x168/0x430<br /> wait_for_completion+0x140/0x270<br /> target_put_cmd_and_wait+0x64/0xb0 [target_core_mod]<br /> core_tmr_lun_reset+0x30/0xa0 [target_core_mod]<br /> target_tmr_work+0xc8/0x1b0 [target_core_mod]<br /> process_one_work+0x2d4/0x5d0<br /> worker_thread+0x78/0x6c0<br /> <br /> To fix this, only add abort to tmr_list if it will be handled by target<br /> core.

Improper Neutralization of Input During Web Page Generation (&amp;#39;Cross-site Scripting&amp;#39;) vulnerability in Paystack Payment Forms for Paystack allows Stored XSS.This issue affects Payment Forms for Paystack: from n/a through 3.4.1.

Improper Neutralization of Input During Web Page Generation (&amp;#39;Cross-site Scripting&amp;#39;) vulnerability in Roxnor ElementsKit Elementor addons Lite elementskit-lite.This issue affects ElementsKit Elementor addons Lite: from n/a through

Improper Neutralization of Input During Web Page Generation (&amp;#39;Cross-site Scripting&amp;#39;) vulnerability in EnvoThemes Envo Extra allows Stored XSS.This issue affects Envo Extra: from n/a through 1.8.11.

Improper Neutralization of Input During Web Page Generation (&amp;#39;Cross-site Scripting&amp;#39;) vulnerability in The CSSIgniter Team Elements Plus! allows Stored XSS.This issue affects Elements Plus!: from n/a through 2.16.3.

Improper Neutralization of Input During Web Page Generation (&amp;#39;Cross-site Scripting&amp;#39;) vulnerability in deTheme DethemeKit For Elementor allows Stored XSS.This issue affects DethemeKit For Elementor: from n/a through 2.0.2.

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems<br /> <br /> While refactoring the way the ITSs are probed, the handling of quirks<br /> applicable to ACPI-based platforms was lost. As a result, systems such as<br /> HIP07 lose their GICv4 functionnality, and some other may even fail to<br /> boot, unless they are configured to boot with DT.<br /> <br /> Move the enabling of quirks into its_probe_one(), making it common to all<br /> firmware implementations.