Preface: The first-level (L1) cache is small enough to provide a one- or two-cycle access time. The second-level (L2) cache is also built from SRAM but is larger, and therefore slower, than the L1 cache. The processor first looks for the data in the L1 cache. If the L1 cache misses, the processor looks in the L2 cache.

Background: Refer to diagram. If a multiple request on point 2 and 3. In normal circumstances, the ID number will be added each time the number is found. Therefore, the URL field might end up looking like example shown below:

2,2,2,4,7,8,8,8,8,8,9,9

So above result has a significant influence on the performance of an algorithm, but in Java You have close to no control over how your data is arranged in memory. If this issue happen in CPU. The processor first looks for the data in the L1 cache. If CPU manufacturer do not focus this matter in design phase. Perhaps it will hit this vulnerability.

Vulnerability details:

CVE-2023-38468 – In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE-2023-38467 – In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

Official announcement: For details, please refer to the link – https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434

Preface: Xiaomi and Samsung are MediaTek’s biggest clients

Background: MediaTek 8188 (MT8188) is a 64-bit ARM SoC introduced by MediaTek in 2022. The chip incorporates eight cores – six Cortex-A55 little cores and two Cortex-A78. Cortex-A78 can operate at up to 2.6 GHz. Cortex-A55 can operate at up to 2.0 GHz.

STC(Store Coprocessor Registers) writes a coprocessor register to memory (or multiple). It is unlikely to get much use out of the STC instruction without some custom coprocessor to use it on, since the behaviour and meaning of the generic coprocessor instructions is defined by the coprocessor itself.

Vulnerability details: In stc, there is a possible out of bounds read due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation.

Remark: According to my observation (predicting the possible cause of this vulnerability), please refer to the attached picture.

Reference I:

STC is available in all versions of the ARM architecture.
STC2 is available in ARMv5T and above.

Reference II:

Race conditions are most commonly associated with computer science and programming. They occur when two computer program processes, or threads, attempt to access the same resource at the same time and cause problems in the system. Race conditions are considered a common issue for multithreaded applications.

Official announcement: For details, please refer to link – https://corp.mediatek.com/product-security-bulletin/September-2023

 (1st Sep 2023)

Preface: AI (Artificial intelligence) moves from big data normalization to learning to understand data, so called trained. It require large amount of computer processing resources.

The machine learning process requires CPUs and GPUs. GPUs are used to train large deep learning models, while CPUs are good for data preparation, feature extraction, and small-scale models. For inference and hyperparameter tweaking, CPUs and GPUs may both be utilized.

Background: The NVIDIA Hopper architecture will supersede the already powerful NVIDIA Ampere architecture.

The NVIDIA DGX H100 System is the universal system purpose-built for all AI infrastructure and workloads, from analytics to training to inference. The system is built on eight NVIDIA H100 Tensor Core GPUs. If you want to run Java programs, but not develop them, download the Java Runtime Environment, or JRE.

BMC uses JViewer to view the console. Launch JViewer – This is an OS-independent plug-in which can be used in Windows as well as Linux with the help of Java Runtime Environment (JRE).

Vulnerability details:

CVE-2023-25528 – NVIDIA DGX H100 baseboard management controller (BMC) contains a vulnerability in a web server plugin, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering.

CVE-2023-25533 – NVIDIA DGX H100 BMC contains a vulnerability in the web UI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to information disclosure, code execution, and escalation of privileges.

Official announcement: For details, please refer to the link – https://nvidia.custhelp.com/app/answers/detail/a_id/5473