Monthly Archives: March 2025

AI and ML, Potential Risk of CVE

CVE-2025-2953: Floating point exception in torch[.]mkldnn_max_pool2d (31st Mar 2025)

Leave a comment

Preface: The torch[.]nn[.]MaxPool2d function in PyTorch is used to apply a 2D max pooling operation over an input signal, which is typically an image or a batch of images.

  • Torch[.]mkldnn_max_pool2d is optimized for Intel’s MKL-DNN (Math Kernel Library for Deep Neural Networks). It leverages specific optimizations for Intel CPUs, which can lead to better performance on those processors. It might have limitations in terms of supported features and is more specialized for performance optimization.
  • Torch[.]nn[.]MaxPool2d is a more general implementation that works across different hardware platforms without specific optimizations for Intel CPUs.  It provides more flexibility and is easier to use within the PyTorch ecosystem, supporting various features like padding, dilation, and return indices.

Background: A floating point exception crash when using torch[.]mkldnn_max_pool2d can occur due to several reasons, often related to invalid or extreme values for parameters like kernel size, stride, or padding. Here are some common causes:

  1. Invalid Kernel Size: If the kernel size is set to an extremely large value or zero, it can lead to division by zero or other invalid operations, causing a floating point exception.
  2. Stride and Padding Issues: Similar to kernel size, setting stride or padding to extreme values can result in invalid calculations. For example, a stride of zero can cause the pooling operation to repeatedly access the same elements, leading to a crash.
  3. Input Tensor Dimensions: If the dimensions of the input tensor are not compatible with the specified kernel size, stride, or padding, it can lead to invalid memory access or calculations.

Vulnerability details: A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch[.]mkldnn_max_pool2d. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

Official announcement: Please refer to the link for details – https://nvd.nist.gov/vuln/detail/CVE-2025-2953

AI and ML, Potential Risk of CVE, Science, System

Similar to previously disclosed side-channel attacks. Manufacturer (AMD) response to researcher (30-03-2025)

Leave a comment

Preface: On 24th Oct, 2024, Researchers from Azure® Research, Microsoft® have provided to AMD a paper titled “Principled Microarchitectural Isolation on Cloud CPUs.” In their paper, the researchers describe a potential side-channel vulnerability on AMD CPUs. AMD believes that existing mitigation recommendations for prime and probe side-channel attacks remain applicable to the presented vulnerability.

Background: A two-bit saturating up-down counter is a type of counter used in computer architecture, particularly in branch prediction mechanisms. Here’s a brief overview:

  • Two-bit: The counter uses two bits, allowing it to represent four states (00, 01, 10, 11).
  • Up-down: The counter can increment (count up) or decrement (count down) based on the input signal.
  • Saturating: The counter does not wrap around when it reaches its maximum (11) or minimum (00) value. Instead, it stays at these values if further increments or decrements are attempted.
How It Works:
  1. States: The counter has four states: 00, 01, 10, and 11.
  2. Incrementing: If the counter is at 11 and receives an increment signal, it remains at 11. Similarly, if it is at 00 and receives a decrement signal, it stays at 00.
  3. Usage: These counters are often used in branch prediction to keep track of the history of branch outcomes and make predictions based on this history.

Ref: The pattern history table (PHT) branch architecture is an example of an architecture using two-bit saturating up-down counters. It contains a table of two-bit counters used to predict the direction for conditional branches.

About Branch History Leak:

Researchers from The Harbin Institute of Technology have shared with AMD a paper titled “Branch History LeakeR: Leveraging Branch History to Construct a New Side Channel-Theory and Practice” that demonstrates a side channel attack using the Global History Register (GHR).  The GHR is used to assist in conditional branch prediction. The researchers note that the GHR is shared between different security domains and may retain data after a security domain switch.  After a return to the user-space, the researchers were able to infer the direction of recently executed conditional branches.

Official announcement: Please refer to the link for details – https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7026.html

Potential Risk of CVE, Under our observation

CVE-2025-30217: SQL injection on Frappe web application framework (27th Mar 2025)

Leave a comment

Preface: The Frappe Framework comes equipped with a wide range of built-in tools and features that accelerate the development process. Developers can leverage ready-to-use modules, templates, and components to create applications quickly.

Background: Frappe Framework – A full-stack web application framework written in Python and Javascript. The framework provides a robust foundation for building web applications, including a database abstraction layer, user authentication and a REST API. Frappe UI: A Vue-based UI library to provide a modern user interface.

Remark: Frappe UI: A Vue-based UI library to provide a modern user interface. The Frappe UI library provides a variety of components that can be used to build single-page applications on top of the Frappe Framework.

Vulnerability details: SQL injection could be achieved via a specially crafted request, which could allow malicious person to gain access to sensitive information.

Ref: The Frappe web application framework can be vulnerable to SQL injection attacks if it constructs SQL commands using externally-influenced input from an upstream component without properly neutralizing special elements.

Official announcement: Please refer to the link for details – https://nvd.nist.gov/vuln/detail/CVE-2025-30217

AI and ML, Potential Risk of CVE

CVE-2025-30219: About RabbitMQ (26th Mar 2025)

Leave a comment

Preface: Message queues are quite important in machine learning for several reasons:

  1. Decoupling Components: They allow different parts of a machine learning system to operate independently. For example, data producers (like sensors or user inputs) can send data to a queue, and data consumers (like preprocessing units or models) can process this data at their own pace.
  2. Asynchronous Processing: Machine learning tasks, especially training and inference, can be resource-intensive and time-consuming. Message queues enable these tasks to be processed asynchronously, ensuring that the system remains responsive and efficient.
  3. Scalability: By using message queues, you can easily scale your machine learning system. Multiple consumers can process messages from the queue simultaneously, allowing the system to handle larger workloads without bottlenecks.

Background: RabbitMQ can be quite helpful in AI applications! RabbitMQ is an open-source message broker that facilitates communication between different parts of a system asynchronously. Here are some ways it can assist AI:

  1. Task Orchestration: RabbitMQ can manage and distribute tasks across various AI models and services, ensuring efficient processing and load balancing.
  2. Handling Asynchronous Requests: It can queue up inference requests and process them asynchronously, which is particularly useful for resource-intensive AI models.
  3. Data Queuing: RabbitMQ can queue data for processing, allowing AI systems to handle large volumes of data in a controlled manner.

If you enable the management Plugin, you will be able to use not only the webUI but also the HTTP API. In fact, the WebUI is a wrapper around the HTTP API.

Vulnerability details: RabbitMQ is a messaging and streaming broker. Versions prior to 4.0.3 are vulnerable to a sophisticated attack that could modify virtual host name on disk and then make it unrecoverable (with other on disk file modifications) can lead to arbitrary JavaScript code execution in the browsers of management UI users.

When a virtual host on a RabbitMQ node fails to start, recent versions will display an error message (a notification) in the management UI. The error message includes virtual host name, which was not escaped prior to open source RabbitMQ 4.0.3 and Tanzu RabbitMQ 4.0.3, 3.13.8.

Official announcement: Please refer to the link for details –

https://nvd.nist.gov/vuln/detail/CVE-2025-30219

Potential Risk of CVE

CVE-2025-24514: Security Focus of K8s (Kubernetes) 24th Mar 2025

Leave a comment

Preface: A Kubernetes (K8s) sidecar controller is a custom controller designed to manage sidecar containers within a Kubernetes Pod. Sidecar containers are secondary containers that run alongside the main application container in the same Pod. They provide additional functionalities such as logging, monitoring, security, or data synchronization without altering the primary application code.

Background: Ingress annotations in Kubernetes can be used to inject configuration under specific conditions. For example, if you are using an NGINX ingress controller, you can use annotations to add custom configuration snippets. This is often done to handle specific routing rules, security settings, or other custom behaviors.

However, it’s important to be cautious with these annotations, as they can potentially introduce security vulnerabilities. For instance, certain annotations like mirror-target and mirror-host have been found to allow arbitrary configuration injection, which can lead to remote code execution and other security risks.

Vulnerability details:  A security issue was discovered in ingress-Nginx where the “auth-url” ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-Nginx controller.

Note that in default installation, the controller can access all Secrets cluster-wide.

Official announcement: The vulnerability is rated a CVSS 9.8 and is tracked with the following identifiers: CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974. Please refer to the link for details

https://nvd.nist.gov/vuln/detail/CVE-2025-1974

https://nvd.nist.gov/vuln/detail/CVE-2025-24514

https://nvd.nist.gov/vuln/detail/CVE-2025-1098

https://nvd.nist.gov/vuln/detail/CVE-2025-1097

Cell Phone (iPhone, Android, windows mobile), Potential Risk of CVE

CVE-2024-53025: Transient DOS can occur while processing UCI command (24-03-2025)

Leave a comment

NVD Published Date: 03/03/2025
NVD Last Modified: 03/06/2025

Preface: The OpenWrt Project is a Linux operating system targeting embedded devices. Instead of trying to create a single, static firmware, OpenWrt provides a fully writable filesystem with package management. This frees you from the application selection and configuration provided by the vendor and allows you to customize the device through the use of packages to suit any application. For developers, OpenWrt is the framework to build an application without having to build a complete firmware around it.

Background: Qualcomm’s FastConnect™ 7900 is embedded in the Snapdragon 8 Gen 3. This connectivity system is AI-optimized and integrates Wi-Fi 7, Bluetooth, and Ultra Wideband (UWB) technologies, providing unparalleled performance across mobile, compute, and XR experiences. The Snapdragon 8 Gen 3 firmware integrates cutting-edge technologies such as generative AI, enhanced camera capabilities, console-defying mobile gaming, and studio-quality lossless audio.

Remark: The Snapdragon 8 Gen 3 platform includes embedded firmware.

Vulnerability details:  The Qualcomm UCI command can encounter wraparound in scenarios where an integer overflow occurs during calculations. This happens when the logic assumes that the resulting value will always be larger than the original value, leading to a transient denial of service (DOS) condition.

Ref: Due to the combination of the command injection in the openwrt/imagebuilder image and the truncated SHA-256 hash included in the build request hash, an attacker can pollute the legitimate image by providing a package list that causes the hash collision. The issue consists of two main components:

  1. Command Injection in Imagebuilder: During image builds, user-supplied package names are incorporated into make commands without proper sanitization. This allows malicious users to inject arbitrary commands into the build process, resulting in the production of malicious firmware images signed with the legitimate build key.
  2. Truncated SHA-256 Hash Collisions: The request hashing mechanism truncates SHA-256 hashes to only 12 characters. This significantly reduces entropy, making it feasible for an attacker to generate collisions. By exploiting this, a previously built malicious image can be served in place of a legitimate one, allowing the attacker to “poison” the artifact cache and deliver compromised images to unsuspecting users.

Official announcement: Please refer to the link for details – https://nvd.nist.gov/vuln/detail/CVE-2024-53025

Potential Risk of CVE

CVE-2025-30472: Corosync Stack buffer overflow (23rd Mar 2025)

Leave a comment

Preface: Even with the popularity of IP phone SIP trunking, the public telephone network still relies on PABX (Private Automatic Branch Exchange) systems in many cases. SIP trunking allows businesses to connect their IP PBX systems to the Public Switched Telephone Network (PSTN) using the Session Initiation Protocol (SIP), which facilitates voice and data communication over the internet.

Background: Gentoo-based clusters are groups of computers running the Gentoo Linux distribution, configured to work together to perform tasks or provide services. These clusters can be designed for various purposes, such as High Availability (HA), High Performance Computing (HPC), High Throughput Computing (HTC), andHigh Efficiency Computing (HEC).

Gentoo’s flexibility and configurability make it well-suited for building clusters. Many modern Gentoo-based clusters use the Corosync messaging layer and the Pacemaker cluster resource manager. The Corosync Cluster Engine is a group communication system with additional features for implementing high availability within applications. The project provides four C API features: A closed process group communication model with virtual synchrony guarantees for creating replicated state machines.

Even with the popularity of IP phone SIP trunking, the public telephone network still relies on PABX (Private Automatic Branch Exchange) systems in many cases. SIP trunking allows businesses to connect their IP PBX systems to the Public Switched Telephone Network (PSTN) using the Session Initiation Protocol (SIP), which facilitates voice and data communication over the internet. While SIP trunking can eliminate the need for physical PSTN gateways, it often still requires a PBX system to manage internal and external calls1. This setup allows businesses to leverage the benefits of modern IP-based communication while maintaining connectivity with traditional telephone networks.

Vulnerability details: Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet.

Official announcement: Please refer to the link for details – https://nvd.nist.gov/vuln/detail/CVE-2025-30472

Cell Phone (iPhone, Android, windows mobile), Potential Risk of CVE

CVE-2025-24201: iOS, iPadOS, and macOS – WebKit Out-of-Bounds Write Vulnerability Security updates (20-03-2025)

Leave a comment

NVD Published Date: 03/11/2025
NVD Last Modified: 03/14/2025

Preface: WebKit is a web browser engine used by Safari and other applications across various platforms like macOS, iOS, Linux, and Windows. It processes web content, including JavaScript, HTML, and CSS.

Background: The Web Content sandbox is a security feature within WebKit that isolates web content from the rest of the system. This means that any potentially harmful web content, such as malicious scripts, is contained within a restricted environment, preventing it from affecting other parts of the system. This sandboxing helps protect users from vulnerabilities and exploits that could arise from visiting compromised websites.

The Web Content sandbox in WebKit uses several shared libraries (.so files) to function properly. These libraries are essential for various operations within the sandboxed environment. Some common libraries that might be involved include:

  1. libwebkit2gtk-4.0.so: This is the main WebKit library for GTK-based applications.
  2. libjavascriptcoregtk-4.0.so: This library handles JavaScript execution within WebKit.
  3. libWPEWebKit.so: Used in WebKit for embedded systems.
  4. libWPEBackend-fdo-1.0.so: Provides backend functionality for WebKit on embedded system.

These libraries help ensure that web content is processed securely and efficiently within the sandbox.

Vulnerability details: An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).

Official announcement: Please refer to the following link for details – https://nvd.nist.gov/vuln/detail/CVE-2025-24201

Potential Risk of CVE, Science

CVE-2025-29909: CryptoLib’s design weakness (19-03-2025)

Leave a comment

Preface: Human being life average 80 year old. Explorering space is a long time travel. So, it only relies on machine.

Even though exploring machine can relies on solar energy. In space there is a lot of uncertainty. For example, the  shock of meteorite. Furthemore, the spacecraft operates in a unique environment, the spacecraft’s power system must also be able to operate in zero gravity and vacuum conditions, and be able to withstand large amounts of radiation (most electronic equipment will not operate in such an environment). On our earth also have gravity seems not want human being leave our earth. Believed it or not, this is our destiny.

Background: CryptoLib is indeed used in space technology! It provides a C-based software implementation of the CCSDS Space Data Link Security Protocol (SDLS) and SDLS Extended Procedures (SDLS-EP) to secure communications between spacecraft flight software and ground stations. This library supports various encryption libraries and protocols, including Telecommand (TC), Telemetry (TM), and Advanced Orbiting Systems (AOS).

CryptoLib is designed to support smaller missions with stringent size, weight, and power constraints, making it a valuable tool for secure satellite communications.

Vulnerability details: CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol – Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 and prior, a heap buffer overflow vulnerability in CryptoLib’s `Crypto_TC_ApplySecurity()` allows an attacker to craft a malicious TC frame that causes out-of-bounds memory writes. This can result in denial of service (DoS) or, under certain conditions, remote code execution (RCE). Any application or system that relies on CryptoLib for Telecommand (TC) processing and does not strictly validate incoming TC frames is at risk. This includes satellite ground stations or mission control software where attackers can inject malformed frames.

Official announcement: Please refer to the link for details – https://nvd.nist.gov/vuln/detail/CVE-2025-29909

Potential Risk of CVE, System

A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 (18-03-2025)

Leave a comment

Preface: Stateless applications perform tasks based on the input provided in the current transaction. These applications make use of Content Delivery Network (CDN) and web to process short term requests. Unlike stateful applications, stateless applications do not save users data. There is no stored knowledge or information for reference to past records. 

Containers are widely used for deploying microservices, running stateful applications, and achieving high-performance, scalable solutions.

Background: A 32-bit signed integer can represent values from -2,147,483,648 to 2,147,483,647. When applied to UID (User Identifier) and GID (Group Identifier), it means that the maximum value for these identifiers is 2,147,483,647.

Setting a user with a specific UID:GID serves several important purposes in Unix-like operating systems:

  1. Identification: The UID uniquely identifies a user, while the GID identifies the group to which the user belongs. This helps the system manage user permissions and access control.
  2. Permissions Management: UIDs and GIDs are used to determine the access rights of users and groups to files and directories. For example, a file might be readable and writable by its owner (identified by UID), but only readable by others in the same group (identified by GID).
  3. Security: By assigning different UIDs and GIDs, the system can enforce security policies, ensuring that users can only access the resources they are permitted to. This is crucial for maintaining the integrity and confidentiality of data.
  4. Resource Allocation: UIDs and GIDs help in allocating system resources, such as CPU time and memory, to users and groups.
  5. This ensures fair usage and prevents any single user or group from monopolizing system resources.

Vulnerability details: containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a `UID:GID` larger than the maximum 32-bit signed integer can cause an overflow condition where the container ultimately runs as root (UID 0). This could cause unexpected behavior for environments that require containers to run as a non-root user.

Official announcement: Please refer to the link for details – https://nvd.nist.gov/vuln/detail/CVE-2024-40635