Category Archives: Application Development

AI and ML, Application Development, Potential Risk of CVE

CVE-2025-12863: About the libxml2 XML parsing library (11th Nov 2025)

Leave a comment

Preface: Libxml2, a C library for parsing and manipulating XML documents, can be relevant in machine learning contexts when dealing with data stored or exchanged in XML format. While not a machine learning library itself, libxml2, or its Python binding lxml, serves as a foundational tool for data preparation and feature engineering.

Ref: The “difference” between Libxml and Libxml2 is that they are essentially the same thing, with “libxml2” being the official and specific name for the library.

Background: Moving nodes between XML documents can happen in machine learning workflows, especially during data integration, comparison, or transformation.  

When would you be at risk?

You’d be at risk if:

  • You use libxml2 or lxml to move nodes from one document to another (e.g., merging XML trees).
  • The underlying library internally calls xmlSetTreeDoc() during such operations.
  • The original document gets freed while namespace pointers still reference it.

Vulnerability details: A flaw was found in the xmlSetTreeDoc() function of the libxml2 XML parsing library. This function is responsible for updating document pointers when XML nodes are moved between documents. Due to improper handling of namespace references, a namespace pointer may remain linked to a freed memory region when the original document is destroyed. As a result, subsequent operations that access the namespace can lead to a use-after-free condition, causing an application crash.

Official announcement: Please refer to the link for details.

https://www.tenable.com/cve/CVE-2025-12863

https://access.redhat.com/security/cve/cve-2025-12863

AI and ML, Application Development, Potential Risk of CVE, System

AMD ID: AMD-SB-7055RDSEED Failure on AMD “Zen 5” Processors(27th-10-2025)

Leave a comment

Preface: The main consequence of an RDSEED failure on AMD Zen 5 processors is instability, crashes, and potentially corrupted data, as this issue affects the processor’s ability to generate high-quality random numbers for cryptography and other sensitive tasks. This has led to the development of Linux kernel patches to temporarily disable RDSEED on affected Zen 5 CPUs until AMD provides a permanent hardware or firmware fix.

Background: RDSEED is a CPU instruction that provides high-entropy random numbers directly from a hardware entropy source, such as the Intel Digital Random Number Generator. It is designed to be used to seed other pseudo-random number generators (PRNGs) for cryptographic applications, ensuring a secure and unpredictable starting point.

RDSEED is a CPU instruction that provides high-entropy random numbers directly from a hardware entropy source, such as the Intel Digital Random Number Generator. It is designed to be used to seed other pseudo-random number generators (PRNGs) for cryptographic applications, ensuring a secure and unpredictable starting point.

Vulnerability Details: AMD was notified of a bug in “Zen 5” processors that may cause the RDSEED instruction to return 0 at a rate inconsistent with randomness while incorrectly signaling success (CF=1), indicating a potential misclassification of failure as success. This issue was initially reported publicly via the Linux kernel mailing list and was not submitted through AMD’s Coordinated Vulnerability Disclosure (CVD) process.

AMD has determined that the 16-bit and 32-bit forms of the RDSEED instruction on “Zen 5” processors are affected. The 64-bit form of RDSEED is not affected. AMD plans to release mitigations for this vulnerability.

Official announcement: Please refer to the link for details –

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7055.html

Application Development, Potential Risk of CVE

AMD response to research about Physical Address Bit Leakage on SEV-SNP Systems (22-10-2025)

Leave a comment

Official Revision Date: 20-10-2025

Preface: A 3rd Gen AMD EPYC processor uses an integrated memory controller within its System on a Chip (SoC) to connect to DDR4 DRAM modules, rather than having a separate memory controller component. The memory controller is part of the I/O Die (IOD) which is connected to the Core Complex Dies (CCDs) via the Infinity Fabric. Each processor has up to eight memory channels, each capable of supporting up to two DIMM slots, for a maximum of 4TB of memory per socket.

Background: The secure memory area for the RMP (Reverse Map Table) on a 3rd Gen AMD EPYC processor is a protected region within the DDR4 DRAM modules themselves, managed by the processor’s security features. It is not located inside the SoC but is in a secure area of the system’s main RAM, making it part of the dedicated system memory rather than the processor’s on-chip memory.

In a 3rd Gen AMD EPYC processor, the secure memory area for the Reverse Map Table (RMP) is a protected region within the DDR4 DRAM modules themselves, not a separate “hidden area” on the SoC. The secure memory is managed by the processor’s security features, such as the AMD Secure Processor (ASP), to protect the RMP and prevent attacks that could manipulate it.

Vulnerability details: Researchers reported a cache-based side-channel that could allow an unprivileged user process on AMD Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP) systems to leak up to six bits of physical address information. The researchers also noted that this leakage does not have an immediate security impact.

AMD has determined that the leakage results from Reverse Map Table (RMP) entries being cached in the L1D and L2 caches. Given that at most six physical address bits are exposed, AMD concurs with the researchers that this leakage does not have an immediate security impact.

Ref: In the absence of an immediate fix from AMD, the only way to reduce the risk of cache-based side-channel attacks in SEV-SNP environments is to follow secure memory handling and system-level best practices.

Official announcement: Please see the link for details – https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3036.html

Application Development, Potential Risk of CVE

AMD response to research about ‘GhostFetch’ (21-10-2025)

Leave a comment

Official Revision Date: 17-10-2025

Preface: SEV-SNP is a security technology for confidential computing that encrypts virtual machine memory. SEV-SNP protects memory contents and integrity, and its security model does not depend on the cache indexing method.

Background: While SEV-SNP provides strong memory encryption and integrity protections, it does not offer built-in hardware protections specifically for PIPT cachesagainst all forms of side-channel attacks. However, AMD has introduced optional mitigations and best practices to reduce exposure:

  • SEV-SNP includes optional features to mitigate indirect branch predictor poisoning, which is a form of side-channel attack. This helps protect against speculative execution vulnerabilities like Spectre.
  • SEV-ES and SEV-SNP encrypt CPU register states during VM exits, preventing leakage of sensitive data through register inspection.
  • The Reverse Map Table (RMP) ensures that only the owner of a memory page can write to it. This prevents memory aliasing and replay attacks, which could otherwise be exploited via cache-based side channels.
  • SEV-SNP uses Page Validation to ensure that guest pages map to only one physical memory page at a time, reducing the risk of inconsistent memory views that could be exploited.

Vulnerability details: Researchers have shared with AMD a paper titled “GhostFetch: Uncovering and Exploiting the Physical-Address-Indexed Prefetcher to Break AMD SEV-SNP” which describes a prefetcher-based hardware side channel attack.

In their paper the researchers describe a method of using shared prefetcher state to determine whether the virtual address of a load matches the expected address, or whether a load access pattern matches an expected stride.  Either check requires multiple runs but potentially results in loss of confidentiality if the targeted code has either a secret dependent branch or a load access pattern that is secret dependent.

AMD’s response:

AMD believes that the researchers have not identified any AMD prefetchers that have not already been disclosed in the Software Optimization Guide and did not identify any new security implications with AMD prefetchers.

Official announcement: Please see the link for details –

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7047.html

Application Development, Potential Risk of CVE

CVE-2025-54419: Design weakness in version 5[.]0[.]1, Node-SAML (30th July 2025)

Leave a comment

Preface: SSO isn’t completely secure; in fact, it depends on the design of the entire system. This month, a YouTuber, known for his camera skills, posted a video about his experience, which resulted in him losing all his miles redeemed in February 2025. He contacted airline customer service, but received no reasonable response. The airline strictly adhered to SSO certification regulations. The truth later came to light this month (July 2025).

Background: node-saml is a specific library for implementing SAML 2.0 authentication in Node.js applications. The node-saml is designed for Node.js, meaning its API and integration patterns are tailored for the JavaScript ecosystem. Other SAML libraries exist for different programming languages (e.g., Java, Python, .NET), each with its own conventions and dependencies.

A SAML response or assertion signed with the Identity Provider’s (IdP) private key is considered a validly signed document. This digital signature ensures the integrity and authenticity of the SAML message, confirming it hasn’t been tampered with and originates from a trusted IdP.

SAML relies on digital signatures to ensure the integrity and authenticity of messages exchanged between the Identity Provider (IdP) and the Service Provider (SP). The IdP digitally signs SAML responses and assertions using its private key. The SP then uses the corresponding public key (obtained from the IdP’s signing certificate) to verify the signature, ensuring the message hasn’t been tampered with and originates from a trusted IdP.

Vulnerability details: A SAML library not dependent on any frameworks that runs in Node. In version 5.0.1, Node-SAML loads the assertion from the (unsigned) original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify authentication details within a valid SAML assertion. For example, in one attack it is possible to remove any character from the SAML assertion username. To conduct the attack an attacker would need a validly signed document from the identity provider (IdP). This is fixed in version 5.1.0.

Official announcement: Please refer to the link for details – https://www.tenable.com/cve/CVE-2025-54419

Application Development, Potential Risk of CVE

CVE-2025-3305: code projects IKUN_Library – Improper access control and incorrect privilege  assignment (6th Apr 2025)

Leave a comment

Preface: Investment bank use Spring Boot for developing microservices and REST APIs. Hospitality utilizes Spring Boot for various backend services. Automotive company Uses Spring Boot for configuration management and service discovery.

Background: IKUN_Library 1.0 is a library management system developed using SpringBoot and MyBatis. It provides functionalities for managing books, readers, and borrowing records. The system includes features like:

  • Basic CRUD operations (Create, Read, Update, Delete)
  • Login validation with interceptors
  • RESTful API for interface design
  • Database management using MySQL

Spring Boot is a popular framework that can be used to build a wide variety of Java applications, including: Web applications: Spring Boot is commonly used to build web applications, including REST APIs, web services, and MVC-based applications.

Vulnerability details: A vulnerability has been found in 1902756969/code-projects IKUN_Library 1.0 and classified as problematic. This vulnerability affects the function addInterceptors of the file MvcConfig[.]java of the component Borrow Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Official announcement: Please refer to the official announcement for details – https://nvd.nist.gov/vuln/detail/CVE-2025-3305

Application Development, Cell Phone (iPhone, Android, windows mobile), Potential Risk of CVE

CVE-2025-0098 : Prevent activity token leaked to another process (3rd Feb 2025)

Leave a comment

Preface: Android frameworks deliver an environment where you already have access to libraries, best practices, and extensive help documentation. As a matter of fact, there are well over ten android frameworks.

Background: TaskFragmentOrganizerController[.]java is a part of the Android Open Source Project (AOSP). It is located in the services/core/java/com/android/server/wm directory of the Android framework. This file is responsible for managing the organization and lifecycle of task fragments within the Android window management system.

The TaskFragmentOrganizerController works closely with the TaskFragmentOrganizer class, which provides an interface for controlling task fragments. These task fragments allow for more flexible and dynamic UI layouts by enabling parts of an activity to be managed independently.

In the context of TaskFragmentOrganizerController[.]java, a token typically refers to an identifier used to manage and track task fragments within the Android window management system. These tokens are often used to ensure that operations on task fragments are performed securely and correctly.

For example, a temporary token might be generated to allow an organizer to reparent an activity through a WindowContainerTransaction. This helps maintain the integrity and security of the task fragments being managed.

Remark: WindowContainerTransaction represents a collection of operations on some WindowContainer that should be applied at once.

Vulnerability details: Malicious app could register the organizer via one-way binder call to disguise as running on pid 0.

Official announcement: Please refer to the link for details – https://source.android.com/docs/security/bulletin/2025-02-01

AI and ML, Application Development

Pushing open source development concept into space (27th Dec 2024)

Leave a comment

Preface: We live in a three-dimensional world. We move in space, left or right, forward or backward, up or down. Furthermore, living things do not live forever. Hardware and software also have life cycles. Human beings seem to be destined to live on earth. There are eight planets in the solar system that are not suitable for human survival. Rockets travel through the atmosphere to explore space. The time required is unknown, and there is no absolute answer to whether the target will be found. In space, the unit of distance is light years. From one planet to another. It requires at least a lifetime of human dedication. I assume that the AI ​​collects all existing data collected by SpaceX for analysis, and if the AI ​​cannot completely open the secret door of the Einstein-Rosen Bridge (for time travel), maybe he will stay on Earth.

Technical focus: For computers to survive in space, they must be hardened — made of resilient materials and designed to withstand high doses of radiation. But to make a computer fit for space takes years. Satellite manufacturers therefore often have to make do with rather obsolete processors.

About software development: Java has become one of the most widely used programming languages across various industries, including space exploration. At NASA, Java is used for developing highly interactive systems, mission-critical software, and user interfaces that support space operations.

Ref: Java Pathfinder (JPF) is a model checker for Java. The technology takes a Java program and “executes” it in a way that explores all possible executions/interleavings of the threads in the program. This allows JPF to detect certain bugs (e.g., deadlocks and assertion violations) that may be missed during testing.

About the topic: Antmicro & AetheroSpace launched  Zephyr IoT into space in SpaceX’s. Aethero has recently announced a groundbreaking collaboration with Antmicro, a leading technology company specializing in open source tools, to develop cutting-edge edge AI hardware tailored for space applications.

Antmicro played a crucial role in providing the software foundation for the NxN Edge Computing Module, contributing both Linux and Zephyr RTOS software for controlling the payload. Additionally, Antmicro implemented their open source RDFM framework, enabling modular, configurable, multi-OS device OTA updates and fleet management through Aethero’s user portal.

For details about Antmicro, please refer to link below: https://hardwarebee.com/electronic-breaking-news/aethero-and-antmicro-collaborate-on-open-source-space-edge-ai-design/

AI and ML, Application Development

Are you still a fan of Nvidia? Or do you support AMD now? (23rd Dec 2024)

Leave a comment

Preface: In the zone artificial intelligence (AI), NVIDIA and AMD are leading the way, pushing the limits of computing power. Both companies have launched powerful AI chips, but the comparison between the H100 and MI250X raises the question of superiority.

Background: What is AMD Instinct MI250X? AMD Instinct™ MI250X Series accelerators are uniquely suited to power even the most demanding AI and HPC workloads, delivering exceptional compute performance, massive memory density, high-bandwidth memory, and support for specialised data formats.

AMD now has more computing power than Nvidia in the Top500. Five systems use AMD processors (El Capitan, Frontier, HPC6, LUMI, and Tuolumne) while three systems use Intel (Aurora, Eagle, Leonardo).

Software Stack: ROCm offers a suite of optimizations for AI workloads from large language models (LLMs) to image and video detection and recognition, life sciences and drug discovery, autonomous driving, robotics, and more. ROCm supports the broader AI software ecosystem, including open frameworks, models, and tools.

HIP is a thin API with little or no performance impact over coding directly in NVIDIA CUDA or AMD ROCm.

HIP enables coding in a single-source C++ programming language including features such as templates, C++11 lambdas, classes, namespaces, and more.

Developers can specialize for the platform (CUDA or ROCm) to tune for performance or handle tricky cases.

Ref:  What is the difference between ROCm and hip?

ROCm™ is AMD’s open source software platform for GPU-accelerated high performance computing and machine learning. HIP is ROCm’s C++ dialect designed to ease conversion of CUDA applications to portable C++ code.

Official article: Please refer to the link for details

https://www.amd.com/en/products/accelerators/instinct/mi200/mi250x.html

AI and ML, Application Development, Potential Risk of CVE

CVE-2024-0132: About NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability (25th Sep 2024)

Leave a comment

Preface: In software development, time-of-check to time-of-use (TOCTOU, TOCTTOU or TOC/TOU) is a class of software bugs caused by a race condition involving the checking of the state of a part of a system (such as a security credential) and the use of the results of that check.

Background: The NVIDIA container stack is architected so that it can be targeted to support any container runtime in the ecosystem. The components of the stack include:

-The NVIDIA Container Runtime (nvidia-container-runtime)

-The NVIDIA Container Runtime Hook (nvidia-container-toolkit / nvidia-container-runtime-hook)

-The NVIDIA Container Library and CLI (libnvidia-container1, nvidia-container-cli)

The components of the NVIDIA container stack are packaged as the NVIDIA Container Toolkit.

The NVIDIA Container Toolkit is a key component in enabling Docker containers to leverage the raw power of NVIDIA GPUs. This toolkit allows for the integration of GPU resources into your Docker containers.

Vulnerability details: NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

Official announcement: Please refer to the vendor announcement for details – https://nvidia.custhelp.com/app/answers/detail/a_id/5582