Why the road from passwords to passkeys is long, bumpy, and worth it – probably

April 25, 2025

The passkey standard has reached a precarious moment. Let’s not blow it, OK?

Source: Latest newsÂ

Previous ArticleAnthropic finds alarming ’emerging trends’ in Claude misuse report

Next Article NVIDIA’s next 8GB RTX GPU could arrive May 19, but here’s why buying on launch day isn’t a good idea

Highlights

CVE-2025-37828 – “ufs Linux Kernel NULL Pointer Dereference Vulnerability”

May 8, 2025

CVE ID : CVE-2025-37828

Published : May 8, 2025, 7:15 a.m. | 58 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

scsi: ufs: mcq: Add NULL check in ufshcd_mcq_abort()

A race can occur between the MCQ completion path and the abort handler:
once a request completes, __blk_mq_free_request() sets rq->mq_hctx to
NULL, meaning the subsequent ufshcd_mcq_req_to_hwq() call in
ufshcd_mcq_abort() can return a NULL pointer. If this NULL pointer is
dereferenced, the kernel will crash.

Add a NULL check for the returned hwq pointer. If hwq is NULL, log an
error and return FAILED, preventing a potential NULL-pointer
dereference. As suggested by Bart, the ufshcd_cmd_inflight() check is
removed.

This is similar to the fix in commit 74736103fb41 (“scsi: ufs: core: Fix
ufshcd_abort_one racing issue”).

This is found by our static analysis tool KNighter.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

10 Top Node.js Development Companies for Enterprise-Scale Projects (2025-2026 Ranked & Reviewed)

12 Must-Know Cost Factors When Hiring Node.js Developers for Your Enterprise

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

Microsoft reportedly lacks the know-how to fully leverage OpenAI’s tech — despite holding IP rights

Laravel in the First Half of 2025

Laravel in the First Half of 2025

PHP 8.5.0 Alpha 1 available for testing

Recording cross browser compatible media

GOnnect – easy to use VoIP client

GOnnect – easy to use VoIP client

Gnuinos – spin of Devuan Linux

5 Best Free and Open Source Backend Electronic Circuit Simulators

Why the road from passwords to passkeys is long, bumpy, and worth it – probably

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

LWiAI Podcast #205 – Gemini 2.5, ChatGPT Image Gen, Thoughts of LLMs

CVE-2025-38155 – “Qualcomm Atheros mt76 Wireless Null Pointer Dereference Vulnerability”

April 2025 Wallpapers Edition

CVE-2025-49281 – Magways PHP Remote File Inclusion Vulnerability

CVE-2025-37828 – “ufs Linux Kernel NULL Pointer Dereference Vulnerability”

Rebellion’s Atomfall has already reached 1.5 million players

CVE-2025-5204 – Open Asset Import Library Assimp Out-of-Bounds Read Vulnerability

New PathWiper Data Wiper Malware Disrupts Ukrainian Critical Infrastructure in 2025 Attack

Why the road from passwords to passkeys is long, bumpy, and worth it – probably

Related Posts