CVE-2024-53880: NVIDIA Triton Inference Server contains a vulnerability in the model loading API (14th Feb 2025)

Original release date: February 11, 2025

Preface: The NVIDIA Triton Inference Server API supports both HTTP/REST and GRPC protocols. These protocols allow clients to communicate with the Triton server for various tasks such as model inferencing, checking server and model health, and managing model metadata and statistics.

Background: NVIDIA Triton™ Inference Server, part of the NVIDIA AI platform and available with NVIDIA AI Enterprise, is open-source software that standardizes AI model deployment and execution across every workload.

The Asynchronous Server Gateway Interface (ASGI) is a calling convention for web servers to forward requests to asynchronous-capable Python frameworks and applications. It was designed as a successor to the Web Server Gateway Interface (WSGI).

Vulnerability details: NVIDIA Triton Inference Server contains a vulnerability in the model loading API, where a user could cause an integer overflow or wraparound error by loading a model with an extra-large file size that overflows an internal variable. A successful exploit of this vulnerability might lead to denial of service.

Official announcement: Please refer to the vendor announcement for details – https://nvidia.custhelp.com/app/answers/detail/a_id/5612
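The wraparound described above is the classic narrow-then-add pattern on a size read from an input file. As an added illustration (my own code, not Triton's), the unchecked size computation is shown beside a checked one; the header size, the policy ceiling and the loader front end are assumed for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>

#define MODEL_HEADER_BYTES 64u   /* assumed fixed per-model overhead for the example */

/* Vulnerable pattern: the 64-bit file size is narrowed into a 32-bit counter before
 * the allocation size is computed, so a file of 4 GiB or more wraps to a small number
 * and the header addition can wrap a second time. */
uint32_t alloc_size_unchecked(uint64_t file_size) {
    uint32_t n = (uint32_t)file_size;   /* silent truncation */
    return n + MODEL_HEADER_BYTES;      /* wraps for n close to UINT32_MAX */
}

/* Hardened: keep the full width, enforce an explicit policy ceiling, and check the
 * addition for overflow. Returns 0 on rejection (never a valid size here because
 * the header is non-zero), otherwise the exact byte count to allocate. */
size_t alloc_size_checked(uint64_t file_size, uint64_t max_model_bytes) {
    uint64_t total;
    if (file_size > max_model_bytes) return 0;
    if (__builtin_add_overflow(file_size, (uint64_t)MODEL_HEADER_BYTES, &total)) return 0;
    if (total > SIZE_MAX) return 0;     /* only reachable with a 32-bit size_t */
    return (size_t)total;
}

/* Constructed loader front end (assumed, not Triton's code): allocates only when the
 * size survives the checks, so an oversized upload becomes a clean load failure
 * instead of an undersized buffer that is later overrun. */
void *model_buffer_reserve(uint64_t file_size, uint64_t max_model_bytes) {
    size_t n = alloc_size_checked(file_size, max_model_bytes);
    if (n == 0) return NULL;
    return calloc(n, 1);
}
```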

CVE-2025-23359 – NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability (11th Feb 2025)

Preface: In software development, time-of-check to time-of-use (TOCTOU, TOCTTOU or TOC/TOU) is a class of software bugs caused by a race condition involving the checking of the state of a part of a system (such as a security credential) and the use of the results of that check.

Background: The NVIDIA container stack is architected so that it can be targeted to support any container runtime in the ecosystem. The components of the stack include:

•       The NVIDIA Container Runtime (nvidia-container-runtime)

•       The NVIDIA Container Runtime Hook (nvidia-container-toolkit / nvidia-container-runtime-hook)

•       The NVIDIA Container Library and CLI (libnvidia-container1, nvidia-container-cli)

The components of the NVIDIA container stack are packaged as the NVIDIA Container Toolkit.

The NVIDIA Container Toolkit is a key component in enabling Docker containers to leverage the raw power of NVIDIA GPUs. This toolkit allows for the integration of GPU resources into your Docker containers.

Remark: The Podman command can be used with remote services using the --remote flag. Connections can be made using local unix domain sockets, ssh

Vulnerability details: NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

Official announcement: Please refer to the vendor announcement for details – https://nvidia.custhelp.com/app/answers/detail/a_id/5616
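An added illustration of the bug class, not code from the NVIDIA Container Toolkit: the check-then-use pattern on a file path, beside a version that validates the descriptor it actually uses. The fixture (a regular file and a symlink to it under /tmp) is constructed for the demonstration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Check-then-use: stat() describes whatever the path resolved to at that instant;
 * open() resolves the path a second time, and anything swapped in between the two
 * calls (for example a symlink into the host file system) is what actually gets used. */
int check_then_open(const char *path) {
    struct stat st;
    if (stat(path, &st) != 0 || !S_ISREG(st.st_mode)) return -1;
    return open(path, O_RDONLY);                /* second resolution: the race window */
}

/* Hardened: resolve once, refuse to follow a symlink at the final component, validate
 * the descriptor that was actually obtained, and do all later work through that fd. */
int open_regular_nofollow(const char *path) {
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) return -1;                      /* ELOOP when the path is a symlink */
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) { close(fd); return -1; }
    return fd;
}

/* Constructed fixture. Returns 1 when check-then-use follows the link while the
 * hardened open refuses it, 2 when the fixture cannot be created, 0 otherwise. */
int demo_symlink_fixture(void) {
    char target[] = "/tmp/toctou-target-XXXXXX";
    int tfd = mkstemp(target);
    if (tfd < 0) return 2;
    close(tfd);
    char link[64];
    snprintf(link, sizeof link, "%s.lnk", target);
    if (symlink(target, link) != 0) { unlink(target); return 2; }
    int racy = check_then_open(link);           /* both stat() and open() follow the link */
    int safe = open_regular_nofollow(link);     /* rejected: -1 with errno == ELOOP */
    int safe_errno = errno;
    int direct = open_regular_nofollow(target); /* the real regular file is accepted */
    int ok = racy >= 0 && safe == -1 && safe_errno == ELOOP && direct >= 0;
    if (racy >= 0) close(racy);
    if (direct >= 0) close(direct);
    unlink(link);
    unlink(target);
    return ok ? 1 : 0;
}
```

The same principle applies to mount and bind operations: validate the object you hold (an fd or an already-resolved mount point), not a path string that will be resolved again later.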

CVE-2024-21924 – AMD SMM Callout Vulnerability (11th Feb 2025)

Preface: The SmmMemLib[.]c library is part of the EDK II (EFI Development Kit II) project, which is an open-source implementation of the UEFI (Unified Extensible Firmware Interface) and PI (Platform Initialization) specifications. This library is specifically used for memory management within System Management Mode (SMM).

Background: The AMD Ryzen processors do not specifically use the SmmMemLib[.]c library. Instead, AMD provides a set of optimized libraries known as the AMD Optimizing CPU Libraries (AOCL), which are designed for high-performance computing and scientific applications. These libraries include various components like AOCL-BLAS, AOCL-LAPACK, AOCL-FFTW, and more. AMD Optimizing CPU Libraries (AOCL) are a set of numerical libraries optimized for AMD “Zen”-based processors, including EPYC™, Ryzen™ Threadripper™, and Ryzen™.

Vulnerability details: An SMM callout vulnerability within the AmdPlatformRasSspSmm driver could allow a ring 0 attacker to modify boot services handlers, potentially resulting in arbitrary code execution. AMD's analysis is that a ring 0 attacker could modify boot service tables to point to their own code, which the SMM driver would then call. AMD has released mitigations to address this vulnerability.

Official announcement: Please refer to link for details –
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7028.html
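An added sketch of the two defenses this bug class calls for, not AMD's or EDK II's code: a pointer-range check in the spirit of SmmMemLib, and dispatching only through a copy of the boot services pointer captured into SMRAM at init rather than through the live table. The SMRAM addresses, the one-entry table and the handlers are placeholders.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

typedef int (*BootServiceFn)(int);
typedef struct { BootServiceFn locate; } BootServicesTable;  /* one-entry stand-in */

typedef struct { uint64_t base, size; } SmramRange;
/* Constructed SMRAM layout with placeholder addresses, not a real platform map. */
static const SmramRange kSmram[] = { { 0x7F000000ULL, 0x00800000ULL } };

/* Check in the spirit of SmmMemLib: true iff [addr, addr+len) lies entirely outside
 * SMRAM. Zero length and address wraparound are rejected rather than trusted. */
bool buffer_outside_smram(uint64_t addr, uint64_t len) {
    uint64_t end;
    if (len == 0 || __builtin_add_overflow(addr, len, &end)) return false;
    for (size_t i = 0; i < sizeof kSmram / sizeof kSmram[0]; i++) {
        uint64_t s = kSmram[i].base, e = s + kSmram[i].size;
        if (addr < e && end > s) return false;   /* overlaps an SMRAM range */
    }
    return true;
}

/* Snapshot of the service pointer taken once at SMM init, while the table is still
 * trusted, and kept in SMRAM (static storage stands in for SMRAM here). */
static BootServiceFn g_smram_locate;
void smm_init(const BootServicesTable *bs) { g_smram_locate = bs->locate; }

/* SMM callout: at SMI time the handler dereferences the live table, which sits
 * outside SMRAM and is writable from ring 0. */
int dispatch_callout(const BootServicesTable *bs, int arg) { return bs->locate(arg); }

/* Hardened: the handler only ever calls the copy that lives in SMRAM. */
int dispatch_from_smram(int arg) { return g_smram_locate(arg); }

/* Constructed handlers: the genuine service and a replacement planted in the table. */
int genuine_locate(int x) { return x + 1; }
int planted_locate(int x) { return x * 1000; }

/* The table entry is overwritten after SMM init; returns what the SMI handler would
 * execute under each dispatch strategy (1000 via callout, 2 via the SMRAM copy). */
int demo_dispatch(bool use_smram_copy) {
    BootServicesTable bs = { genuine_locate };
    smm_init(&bs);
    bs.locate = planted_locate;           /* ring 0 write to memory outside SMRAM */
    return use_smram_copy ? dispatch_from_smram(1) : dispatch_callout(&bs, 1);
}
```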

CVE-2025-21684: A Linux GPIO (General Purpose Input/Output) driver design weakness (11th Feb 2025)

Preface: In the concept of Industry 4.0, the Internet of Things (IoT) shall be used for the development of so-called smart products.

Background: The GPIO driver provides an interface for user-space applications and kernel modules to access and control the GPIO pins. It abstracts the hardware details, making it easier for developers to write code that interacts with the GPIOs without needing to know the specifics of the underlying hardware.

GPIO pins on hardware are often used in automation. They can be programmed to control various devices and systems, such as:

•       Home automation: Controlling lights, fans, and other appliances.

•       Industrial automation: Managing machinery, sensors, and actuators in manufacturing processes.

•       Robotics: Operating motors, servos, and sensors to control robot movements and actions.

•       IoT (Internet of Things): Connecting and controlling smart devices and sensors.

SCADA (Supervisory Control and Data Acquisition) systems can use GPIO pins. SCADA systems are designed to monitor and control industrial processes and infrastructure, and they often interface with various sensors and actuators. GPIO pins can be used in SCADA systems to:

•       Read digital inputs: Such as switches, sensors, and other binary devices.

•       Control digital outputs: Like relays, LEDs, and other on/off devices.

•       Interface with analog inputs/outputs: Through additional circuitry or modules that convert analog signals to digital and vice versa.

For example, GPIO pins can be used to monitor the status of a machine, control the operation of a valve, or read data from a temperature sensor.

Vulnerability details: Linux Kernel Vulnerability in Xilinx GPIO Locking Mechanism.

Official announcement: Please refer to the link for details – https://nvd.nist.gov/vuln/detail/CVE-2025-21684

Cache-based Side-Channel Attack Against SEV (10th Feb 2024)

Originally posted by AMD 3rd Feb 2025

Preface: FIPS 186-5 removes DSA as an approved digital signature algorithm “due to a lack of use by industry and based on academic analyses that observed that implementations of DSA may be vulnerable to attacks if domain parameters are not properly generated.”

February 3, 2023 – NIST published Federal Information Processing Standard (FIPS) 186-5, Digital Signature Standard (DSS), along with NIST Special Publication (SP) 800-186, Recommendations for Discrete Logarithm-based Cryptography: Elliptic Curve Domain Parameters.

Background: The SEV feature relies on elliptic-curve cryptography for its secure key generation, which runs when a VM is launched. The VM initiates the elliptic-curve algorithm by providing points along its NIST (National Institute of Standards and Technology) curve and relaying the data based on the private key of the machine.

Vulnerability details: AMD has received a report from researchers at National Taiwan University detailing cache-based side-channel attacks against Secure Encrypted Virtualization (SEV).

Remedy: AMD recommends software developers employ existing best practices for prime and probe attacks (including constant-time algorithms) and avoid secret-dependent data accesses where appropriate. AMD also recommends following previously published guidance regarding Spectre type attacks (refer to the link in the reference section below), as it believes the previous guidance remains applicable to mitigate these vulnerabilities.

Official announcement: Please refer to the link for details – https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3010.html
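Two building blocks of the constant-time discipline AMD recommends, as an added example that is not AMD's code: a table lookup that touches every entry regardless of the index, and a masked conditional swap driving a Montgomery-style ladder so that the memory access pattern does not depend on the scalar. The ladder runs over a toy additive group mod p (assumed p < 2^63) standing in for curve points, so only the access-pattern structure is shown; the sample table is constructed.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed sample table (stand-in for a precomputed point table). */
static const uint64_t kTable[8] = { 11, 22, 33, 44, 55, 66, 77, 88 };

/* All-ones when a == b, zero otherwise, without a data-dependent branch. */
static uint64_t ct_eq_mask(uint64_t a, uint64_t b) {
    uint64_t x = a ^ b;
    return ((x | (0 - x)) >> 63) - 1;
}

/* Secret-dependent access: the cache line touched reveals idx to a prime+probe
 * observer sharing the cache. */
uint64_t lookup_leaky(const uint64_t *table, size_t n, size_t idx) {
    (void)n;
    return table[idx];
}

/* Constant-time: every entry is read and masked in, so the access pattern is
 * identical for every idx. */
uint64_t lookup_ct(const uint64_t *table, size_t n, size_t idx) {
    uint64_t out = 0;
    for (size_t i = 0; i < n; i++)
        out |= table[i] & ct_eq_mask((uint64_t)i, (uint64_t)idx);
    return out;
}

/* Conditional swap driven by a mask, not a branch: the same instructions and
 * memory accesses run whether bit is 0 or 1. */
void ct_cswap(uint64_t *a, uint64_t *b, uint64_t bit) {
    uint64_t t = (0 - bit) & (*a ^ *b);
    *a ^= t;
    *b ^= t;
}

/* Montgomery ladder over a toy group (integers mod p under addition, p < 2^63):
 * a fixed 64 iterations, and the only key-dependent operation is the masked swap.
 * Returns k*P mod p. */
uint64_t ladder_mod(uint64_t k, uint64_t P, uint64_t p) {
    uint64_t r0 = 0, r1 = P % p;
    for (int i = 63; i >= 0; i--) {
        uint64_t bit = (k >> i) & 1;
        ct_cswap(&r0, &r1, bit);
        r1 = (r0 + r1) % p;          /* "point add"    */
        r0 = (r0 + r0) % p;          /* "point double" */
        ct_cswap(&r0, &r1, bit);
    }
    return r0;
}
```

Compilers are free to turn masked arithmetic back into branches, so a real implementation checks the emitted assembly (or uses a library that does) rather than trusting the source.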

CVE-2024-56161 – AMD SEV Confidential Computing Vulnerability (7th Feb 2024)

Preface: Sometimes, when a solution is misused or misconfigured, a feature intended for testing can be turned into a weapon.

Background: AMD SEV (Secure Encrypted Virtualization) is a hardware-based security feature designed to enhance the confidentiality and integrity of virtual machines (VMs) running on AMD EPYC processors. Here are some key points about it:

  1. Memory Encryption: SEV encrypts the memory of individual VMs using unique encryption keys. This ensures that neither the hypervisor nor other VMs can access the data of a specific VM.
  2. Isolation: SEV creates an isolated execution environment, protecting VMs from potential attacks originating from the hypervisor or other VMs.
  3. SEV-SNP (Secure Nested Paging): This is an extension of SEV that adds strong memory integrity protections. It helps prevent malicious hypervisor-based attacks like data replay and memory re-mapping, further enhancing the security of the VMs.
  4. Recent Vulnerability: A recent vulnerability (CVE-2024-56161) was discovered in SEV-SNP, which could allow an attacker with local admin privileges to load malicious CPU microcode, compromising the confidentiality and integrity of VMs. AMD has released patches to mitigate this issue.

Vulnerability details: Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP.

Official announcement: Please refer to the link for details – https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3019.html

CVE-2025-0096 – Fix malloc buffer size (6th Feb 2025)

Original release date: February 3, 2025

Preface: The Hardware Abstraction Layer (HAL) is not outdated with Android 15. In fact, HAL continues to play a crucial role in the Android architecture. Android 15 includes improvements and updates to various HAL components, ensuring they remain relevant and effective for modern hardware and software requirements.

Background: Android 15 continues to use hal_fwlog[.]cc because it remains a crucial component for logging firmware-related events and activities within the Hardware Abstraction Layer (HAL). The HAL provides a standardized interface for hardware vendors, allowing the Android operating system to communicate with hardware components without needing to know the specifics of the hardware. This ensures compatibility and stability across various devices and hardware configurations.

Maintaining hal_fwlog[.]cc helps in diagnosing and troubleshooting hardware issues, ensuring that the system can log and monitor firmware activities effectively. This is essential for maintaining the overall reliability and performance of the Android operating system.

Vulnerability details: Fix malloc buffer size in hal_fwlog[.]cc.

The hal_fwlog[.]cc file in Android is part of the Hardware Abstraction Layer (HAL). This file is typically used for logging firmware-related events and activities. The HAL provides a standard interface for hardware vendors to implement, allowing the Android operating system to communicate with hardware components without needing to know the specifics of the hardware.

Official announcement: Please refer to the link for details – https://source.android.com/docs/security/bulletin/2025-02-01

CVE-2025-0091: Block the content scheme intent in AccountTypePreferenceLoader (3rd Feb 2025)

Preface: As of January 2025, Android holds a global market share of 72.15%, which is a big jump from just 12% back in 2010.

Background: The AccountTypePreferenceLoader is a class within the Android Settings app. It is responsible for loading and displaying account preferences, which include settings related to authenticator apps. This class plays a crucial role in managing user accounts and preferences on Android devices.

For example, when you add a new email account or a social media account to your Android device, the AccountTypePreferenceLoader ensures that the specific settings for that account type are properly loaded and displayed in the Settings app. This makes it easier for users to manage their accounts and customize their preferences.

Vulnerability details: In AccountTypePreferenceLoader.java, there is a possible way to retrieve protected files from the Settings app due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Official announcement: For more details, please refer to the following link – https://source.android.com/docs/security/bulletin/2025-02-01

CVE-2025-0098: Prevent activity token leaked to another process (3rd Feb 2025)

Preface: Android frameworks deliver an environment where you already have access to libraries, best practices, and extensive help documentation. As a matter of fact, there are well over ten Android frameworks.

Background: TaskFragmentOrganizerController[.]java is a part of the Android Open Source Project (AOSP). It is located in the services/core/java/com/android/server/wm directory of the Android framework. This file is responsible for managing the organization and lifecycle of task fragments within the Android window management system.

The TaskFragmentOrganizerController works closely with the TaskFragmentOrganizer class, which provides an interface for controlling task fragments. These task fragments allow for more flexible and dynamic UI layouts by enabling parts of an activity to be managed independently.

In the context of TaskFragmentOrganizerController[.]java, a token typically refers to an identifier used to manage and track task fragments within the Android window management system. These tokens are often used to ensure that operations on task fragments are performed securely and correctly.

For example, a temporary token might be generated to allow an organizer to reparent an activity through a WindowContainerTransaction. This helps maintain the integrity and security of the task fragments being managed.

Remark: WindowContainerTransaction represents a collection of operations on some WindowContainer that should be applied at once.

Vulnerability details: A malicious app could register the organizer via a one-way binder call in order to disguise itself as running on pid 0.

Official announcement: Please refer to the link for details – https://source.android.com/docs/security/bulletin/2025-02-01

CVE-2024-7881: To be or not to be (State Injection Into Hardware Prefetchers)?

Preface: The L1 cache is split into an instruction cache (I-cache) and a data cache (D-cache).

This is the smallest and fastest type of cache memory. It’s embedded directly into the CPU, allowing it to operate at the same speed as the CPU. The L1 cache is typically divided into two parts: one for storing instructions (L1i) and one for storing data (L1d).

Background: Instruction prefetching can boost execution performance by fetching data before it is needed. The Cortex-X4 core supports the AArch64 prefetch memory instructions, PRFM PLI, into the L1 instruction cache or L2 cache.  These instructions signal to the memory system that memory accesses from a specified address are likely to occur soon. The memory system takes actions that aim to reduce the latency of memory accesses when they occur. The PRFM PLD and PRFM PST instructions perform preloading in the L1 data cache, L2 cache, or L3 cache. PRFM PLD and PRFM PST instructions translate through the Data TLB. The PRFM PLI instruction performs preloading to the L1 instruction cache and L2 cache. Instruction preloading is performed in the background. PRFM PLI instructions translate through the Instruction TLB.

Vulnerability details: An issue has been identified in some Arm-based CPUs that may allow an unprivileged context to trigger a data memory-dependent prefetch engine to fetch the contents of a privileged location (for which it does not have read permission) and consume those contents as an address that is also dereferenced.

Note that this issue does not affect guest-to-guest and guest-to-hypervisor isolation guarantees. Likewise, in configurations with RME enabled, Granule Protection Checks (GPC) are honoured by the prefetcher.

Official details: Please refer to the link for details –

https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-7881

https://nvd.nist.gov/vuln/detail/CVE-2024-7881