Category Archives: Potential Risk of CVE

CVE-2025-0036: A potential vulnerability exists with the configuration of the SSS (Secure Stream Switch) – 5th Jun 2025

Preface: AMD’s Versal Adaptive SoCs are designed for high-performance computing, offering a blend of programmable logic, processing system, and AI engines, along with advanced memory and interfaces. They excel in cloud, network, and edge applications by combining heterogeneous compute with a wide range of hard IP. This architecture enables outstanding performance/watt and adapts to changing requirements, making them suitable for various applications like AI, data centers, and network acceleration.

Background: In Versal™ Adaptive SoC devices, the Platform Loader and Manager (PLM) implements runtime (post-boot) software services that allow a remote processor to command the PLM to execute cryptographic operations – including AES, SHA3, RSA, ECDSA – on behalf of the remote processor. These operations require the Secure Stream Switch (SSS) to be configured such that the Direct Memory Access (DMA) hardware can send data to and read from these cryptographic engines.

Ref: Some crypto engines (like AES, SHA3) are integrated into the PMC for secure boot and runtime services. Others may be instantiated in the PL for custom cryptographic acceleration.

Vulnerability details: A potential vulnerability exists with the configuration of the SSS because the PLM does not clear the SSS configuration after a cryptographic operation completes. This allows an improper SSS configuration when setting up the SSS for any following cryptographic command.

Official announcement: For more details, please refer to the following link – https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8011.html

Cache-based Side-Channel Attack Against SEV (4th Jun 2025)

Originally posted by AMD 3rd Feb 2025

2025-02-17 – Updated Acknowledgement

2025-06-03 Update: A subsequent report of the same attacks was received from researchers at Graz University of Technology.

Preface: FIPS 186-5 removes DSA as an approved digital signature algorithm “due to a lack of use by industry and based on academic analyses that observed that implementations of DSA may be vulnerable to attacks if domain parameters are not properly generated.”

February 3, 2023 – NIST published Federal Information Processing Standard (FIPS) 186-5, Digital Signature Standard (DSS), along with NIST Special Publication (SP) 800-186, Recommendations for Discrete Logarithm-based Cryptography: Elliptic Curve Domain Parameters.  

Background: The SEV feature relies on elliptic-curve cryptography for its secure key generation, which runs when a VM is launched. The VM initiates the elliptic-curve algorithm by providing points along its NIST (National Institute of Standards and Technology) curve and relaying the data based on the private key of the machine.

Vulnerability details: AMD has received a report from researchers at National Taiwan University detailing cache-based side-channel attacks against Secure Encrypted Virtualization (SEV).

Remedy: AMD recommends software developers employ existing best practices for prime and probe attacks (including constant-time algorithms) and avoid secret-dependent data accesses where appropriate.  AMD also recommends following previously published guidance regarding Spectre type attacks (refer to the link in the reference section below), as it believes the previous guidance remains applicable to mitigate these vulnerabilities.
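The "avoid secret-dependent data accesses" advice above, as an added example (not AMD's code): a table lookup whose index is secret, first in the form a prime-and-probe observer can distinguish by cache line, then in a form that touches every entry. The function names and the 64-entry table are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stddef.h>

/* Secret-dependent access: only the cache line holding table[secret_idx]
 * is loaded, so which line was touched reveals bits of the index. */
uint32_t lookup_leaky(const uint32_t *table, size_t n, size_t secret_idx)
{
    (void)n;
    return table[secret_idx];
}

/* All-ones when a == b, zero otherwise, computed without a branch. */
static uint32_t eq_mask(size_t a, size_t b)
{
    size_t x = a ^ b;
    /* (x | -x) has its top bit set exactly when x != 0 */
    size_t nonzero = (x | ((size_t)0 - x)) >> (sizeof(size_t) * 8 - 1);
    return (uint32_t)nonzero - 1u;
}

/* Same result, but every entry is read in the same order regardless of
 * secret_idx, so the access pattern carries no information about it. */
uint32_t lookup_ct(const uint32_t *table, size_t n, size_t secret_idx)
{
    uint32_t r = 0;
    for (size_t i = 0; i < n; i++)
        r |= table[i] & eq_mask(i, secret_idx);
    return r;
}

/* Constructed 64-entry table: both lookups must agree for every index. */
int lookups_agree(void)
{
    uint32_t t[64];
    for (size_t i = 0; i < 64; i++)
        t[i] = (uint32_t)(i * 2654435761u);
    for (size_t i = 0; i < 64; i++)
        if (lookup_ct(t, 64, i) != lookup_leaky(t, 64, i))
            return 0;
    return lookup_ct(t, 64, 64) == 0;   /* out-of-range index selects nothing */
}
```

Compilers can turn masked selects back into branches, so the generated assembly should be inspected for the target build.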

Supplement: The lack of authentication in the memory encryption is one major drawback of the Secure Memory Encryption (SME) design, which has been demonstrated in fault injection attacks. SEV inherits this security issue. Therefore, a malicious hypervisor may alter the ciphertext of the encrypted memory without triggering faults in the guest VM.

Official announcement: Please refer to the link for details –

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3010.html

CVE-2025-27029 – Buffer Over-read in WLAN HAL (3rd Jun 2025)

Preface: Google has been transitioning HALs from HIDL to AIDL since Android 11, and by Android 13 and 14, most major HALs—including Wi-Fi (WLAN), Audio, Bluetooth, and Telephony—have adopted AIDL as the standard interface definition language.

Background: In Android, the WAN HAL (Wide Area Network Hardware Abstraction Layer) isn’t a standard or commonly documented component like the Camera HAL or Audio HAL. Buffer management in a HAL module (such as for networking or other hardware interfaces) nonetheless follows Android’s HAL architecture principles.

The WLAN HAL (Hardware Abstraction Layer) allows the Android operating system to interact with Wi-Fi hardware by providing a standardized, hardware-independent interface. This interface, specified by HIDL (Hardware Interface Definition Language) in Android 8.0 and above, enables the Android framework to control Wi-Fi functionalities like scanning, connecting, and sending/receiving data, regardless of the specific Wi-Fi chipset used by the device.

Vulnerability details: Transient DOS while processing the tone measurement response buffer when the response buffer is out of range.

Official Announcement: Please see the link for details –

https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html

CVE-2025-21479: Incorrect Authorization in Graphics (2nd June 2025)

Preface: Snapdragon chipsets, which are a type of System-on-a-Chip (SoC), often include memory components, such as RAM (Random Access Memory) and ROM (Read-Only Memory), within the chip itself. This integrated approach allows for faster and more efficient data processing within the device.

Background: In Qualcomm Snapdragon SoCs, the Adreno GPU is responsible for graphics and compute tasks. The GPU is managed through a combination of firmware, drivers (like KGSL on Android), and secure execution environments. Authorized memory operations are typically handled as follows:

1. Initialization Phase

  • The GPU driver (KGSL) initializes the GPU and sets up memory mappings.
  • The TrustZone or Secure Execution Environment (SEE) may be involved in verifying firmware and boot integrity.

2. Command Submission

  • Memory operations (e.g., buffer allocation, mapping, copying) are submitted via command buffers.
  • These buffers are managed by the GPU Command Processor (CP) and passed through the Ringbuffer.

3. Permission Check

  • Before execution, the GPU driver and firmware perform permission checks:
    • Is the memory region accessible to the current process?
    • Is the memory marked as GPU-accessible?
    • Are the command buffers properly signed or validated?
  • These checks may involve IOMMU (Input-Output Memory Management Unit) to ensure memory isolation and protection.

Ref: The IOMMU (Input-Output Memory Management Unit) is responsible for managing DMA (Direct Memory Access) from I/O devices and ensuring that these devices can only access the memory they are authorized to. A problem where the IOMMU is not checking permissions would mean that I/O devices could potentially access memory they shouldn’t, leading to security vulnerabilities and system instability.

Vulnerability details: Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.

Official announcement: Please see the link for details

https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html

CVE-2025-1763: About GitLab EE (2nd Jun 2025)

Preface: The computer industry favors GitLab because it provides a comprehensive, integrated software development platform that covers everything from planning and code management to continuous integration and deployment. This “full operation and maintenance” approach simplifies the software development life cycle and promotes collaboration between different teams. GitLab’s open source nature, free basic version, and strong community have further enhanced its popularity.

Background: GitLab Enterprise Edition (EE) is the self-hosted, open-core version of the GitLab platform. It builds upon the core features of GitLab Community Edition (CE) and offers additional features, support, and licensing options designed for enterprise users. EE is not a free-to-use version but offers a free tier for initial self-hosting and then provides paid subscription levels (Core, Starter, Premium, and Ultimate) for enhanced features and support.

Vulnerability details: An issue has been discovered in GitLab EE that allows for cross-site-scripting attack and content security policy bypass in a user’s browser under specific conditions, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1.

My Speculation: The issue stems from improper sanitization of user-controllable input, which is then rendered in a web page. This is a classic DOM-based XSS scenario, where the browser executes injected scripts due to insufficient input validation and output encoding.

Official announcement: Please see the link for details – https://nvd.nist.gov/vuln/detail/CVE-2025-1763

Deserialization of Untrusted Data vulnerability in Apache InLong (29-05-2025)

Preface: Apache InLong can be a valuable component in machine learning (ML) and artificial intelligence (AI) workflows, particularly in the data engineering and streaming data pipeline stages.

Background: Apache InLong is a one-stop massive data integration framework that provides automatic, secure, reliable and high-performance data transmission capabilities. It also supports batch and streaming, making it easier for businesses to build streaming-based data analysis.

InLong Sort requires Apache Flink and uses Flink SQL to define and run data processing jobs.

Data Ingestion and Integration – Apache InLong is designed as a one-stop, full-scenario integration framework for massive data. It supports:

  • Batch and stream data ingestion
  • Data synchronization and subscription
  • Real-time ETL (Extract, Transform, Load)

Real-Time Data Processing

Integration with ML Pipelines

Vulnerability details: Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability allows attackers to bypass the security mechanisms of InLong JDBC and leads to arbitrary file reading. 

Remedy: Users are advised to upgrade to Apache InLong’s 2.2.0.

Official announcement: Please see the link for details –

https://nvd.nist.gov/vuln/detail/CVE-2025-27528

CVE-2025-23247: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary (28-5-2025)

Preface: ROCm open source software platform is AMD’s core strategy. This platform supports deep learning frameworks such as PyTorch 2.0 and TensorFlow.

Nvidia’s CUDA cores are indispensable for training and deploying neural networks and deep learning models, taking advantage of their parallel processing capabilities. To put that into perspective, a dozen Nvidia H100 GPUs can provide the same deep learning equivalent as 2,000 midrange CPUs.

Background: NVIDIA CUDA provides a simple C/C++ based interface. The CUDA compiler leverages parallelism built into the CUDA programming model as it compiles your program into code.
CUDA is a parallel computing platform and programming interface model created by Nvidia for the development of software which is used by parallel processors. It serves as an alternative to running simulations on traditional CPUs.

The CUDA Toolkit targets a class of applications whose control part runs as a process on a general purpose computing device, and which use one or more NVIDIA GPUs as coprocessors for accelerating single program, multiple data (SPMD) parallel jobs. Such jobs are self-contained, in the sense that they can be executed and completed by a batch of GPU threads entirely without intervention by the host process, thereby gaining optimal benefit from the parallel graphics hardware.

When a program like cuobjdump parses an ELF file, it expects certain structures and lengths to be valid. If it doesn’t validate the length of a buffer before copying or accessing it:

  • An attacker can overflow the buffer or inject data into memory.
  • This can overwrite return addresses or function pointers, leading to code execution.

Vulnerability details: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this vulnerability might lead to arbitrary code execution.
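The kind of length check described above, as an added example (not NVIDIA's code and not taken from cuobjdump): a reader that copies one ELF64 section only after every offset and size taken from the file has been validated against the file length and the destination buffer. The function names and the constructed 256-byte image are assumptions for the illustration; a little-endian file is assumed.

```c
#include <stdint.h>
#include <string.h>

/* ELF64 field offsets (little-endian file assumed). */
enum { EH_SIZE = 64, E_SHOFF = 0x28, E_SHENTSIZE = 0x3A, E_SHNUM = 0x3C,
       SH_ENT = 64, SH_OFFSET = 0x18, SH_LEN = 0x20 };

static uint64_t rd(const uint8_t *p, int n)          /* read n-byte LE value */
{
    uint64_t v = 0;
    for (int i = n - 1; i >= 0; i--) v = (v << 8) | p[i];
    return v;
}
static void wr(uint8_t *p, uint64_t v, int n)        /* write n-byte LE value */
{
    for (int i = 0; i < n; i++) p[i] = (uint8_t)(v >> (8 * i));
}

/* True when [off, off+len) fits in `total` bytes; written so it cannot wrap. */
static int in_bounds(uint64_t off, uint64_t len, uint64_t total)
{
    return off <= total && len <= total - off;
}

/* Copy section `idx` into out[cap]; returns bytes copied, or -1 when any
 * offset or length read from the file does not fit the file or the buffer. */
long copy_section(const uint8_t *file, size_t file_len, unsigned idx,
                  uint8_t *out, size_t cap)
{
    if (file_len < EH_SIZE || memcmp(file, "\x7f" "ELF", 4) != 0)
        return -1;
    uint64_t shoff = rd(file + E_SHOFF, 8);
    uint64_t entsz = rd(file + E_SHENTSIZE, 2);
    uint64_t shnum = rd(file + E_SHNUM, 2);
    if (entsz != SH_ENT || idx >= shnum)
        return -1;
    if (!in_bounds(shoff, shnum * entsz, file_len))   /* header table in file */
        return -1;
    const uint8_t *sh = file + shoff + (uint64_t)idx * entsz;
    uint64_t off = rd(sh + SH_OFFSET, 8), len = rd(sh + SH_LEN, 8);
    if (!in_bounds(off, len, file_len) || len > cap)  /* body in file and in out */
        return -1;
    memcpy(out, file + off, (size_t)len);
    return (long)len;
}

/* Constructed 256-byte image: ELF header, one section header at 64, body at 128. */
long demo(uint64_t claimed_size)
{
    uint8_t img[256] = {0}, out[16];
    memcpy(img, "\x7f" "ELF", 4);
    wr(img + E_SHOFF, 64, 8); wr(img + E_SHENTSIZE, SH_ENT, 2); wr(img + E_SHNUM, 1, 2);
    wr(img + 64 + SH_OFFSET, 128, 8); wr(img + 64 + SH_LEN, claimed_size, 8);
    return copy_section(img, sizeof img, 0, out, sizeof out);
}
```

The `len <= total - off` form matters: the more obvious `off + len <= total` wraps for a 64-bit size near the maximum and would accept it.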

Official announcement: Please refer to the supplier announcement – https://nvidia.custhelp.com/app/answers/detail/a_id/5643

CVE-2025-35003: Apache NuttX RTOS Bluetooth Stack (HCI and UART components) 27-5-2025

Preface: During the Dahe period of Emperor Wenzong of the Tang Dynasty (827-835 AD), there was a scholar named Zheng Renben(鄭仁本), his cousin and his friend Wang Xiucai(王秀才) wandering in Zhongyue Songshan Mountain(中嶽嵩山) and got lost in a deep valley. It was getting dark at this time, and the two were very scared. As they were walking around, they saw someone dressed in white snoring in the grass. They went up to him and asked, “I accidentally entered this path and got lost. Do you know the way to the official road?” The man raised his head, looked, and did not respond and continued to sleep. The two asked the man in white where he came from and called him again and again, so he sat up and said, “Come here.” The man in white introduced: “Do you know that the moon is made of seven treasures? The bright spots on the moon are the result of the sun shining on its convex parts. There are 82,000 people repairing the moon, and I am one of them, one of them…”

Background: The Bluetooth stack in Apache NuttX RTOS is used to enable Bluetooth communication in embedded systems, particularly for devices that require low-power wireless connectivity. This stack typically supports:

  • HCI (Host Controller Interface) over UART or USB
  • Bluetooth Classic and BLE (Bluetooth Low Energy) profiles
  • Device discovery, pairing, and data exchange

It is designed to be modular and lightweight, making it suitable for resource-constrained microcontrollers.

Vulnerability details: Improper Restriction of Operations within the Bounds of a Memory Buffer and Stack-based Buffer Overflow vulnerabilities were discovered in Apache NuttX RTOS Bluetooth Stack (HCI and UART components) that may result in system crash, denial of service, or arbitrary code execution, after receiving maliciously crafted packets.

Remedy: NuttX’s Bluetooth HCI/UART stack users are advised to upgrade to version 12.9.0, which fixes the identified implementation issues. This issue affects Apache NuttX: from 7.25 before 12.9.0.

Official announcement: Please see the link for details – https://www.tenable.com/cve/CVE-2025-35003

CVE-2025-37992: About NULL pointer dereference in net_sched (27-05-2025)

Preface: Linux powers large parts of the Internet, cloud infrastructure, and supercomputers. But it is difficult to determine the exact number of Linux systems in the world. This appears to be a technology trend that includes AI system infrastructure.

Background: In Linux, a “qdisc” stands for queueing discipline. It’s a core component of the Linux traffic control system, responsible for managing and scheduling network traffic on a per-interface basis. Essentially, a qdisc determines how the kernel handles packets before sending them to the network adapter.

Vulnerability details: Previously, when reducing a qdisc’s limit via the ->change() operation, only the main skb queue was trimmed, potentially leaving packets in the gso_skb list. This could result in NULL pointer dereference when we only check sch->limit against sch->q.qlen.

Remedy: This patch introduces a new helper, qdisc_dequeue_internal(), which ensures both the gso_skb list and the main queue are properly flushed when trimming excess packets. All relevant qdiscs (codel, fq, fq_codel, fq_pie, hhf, pie) are updated to use this helper in their ->change() routines.
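A simplified userspace model of the trimming problem and its fix, as an added example (not the kernel patch itself): the struct and function names below are assumptions that loosely mirror the kernel fields, and the model assumes, as in the kernel, that the queue length counter covers packets on both lists.

```c
#include <stddef.h>

/* Userspace model only; not kernel code. */
struct pkt  { struct pkt *next; };
struct list { struct pkt *head; };
struct qdisc_model {
    struct list gso_skb;   /* requeued packets, counted in qlen */
    struct list q;         /* main queue */
    unsigned qlen;         /* packets on gso_skb plus packets on q */
    unsigned limit;
};

static void push(struct list *l, struct pkt *p) { p->next = l->head; l->head = p; }
static struct pkt *pop(struct list *l)
{
    struct pkt *p = l->head;
    if (p) l->head = p->next;
    return p;
}

/* Pre-fix shape: trims from the main queue only. Returns packets dropped,
 * or -1 at the point where the dequeue yields NULL while qlen > limit,
 * which is where the kernel code would dereference a NULL skb. */
int trim_main_only(struct qdisc_model *s)
{
    int dropped = 0;
    while (s->qlen > s->limit) {
        struct pkt *p = pop(&s->q);
        if (!p) return -1;
        s->qlen--; dropped++;
    }
    return dropped;
}

/* Post-fix shape, modelled on the idea of qdisc_dequeue_internal():
 * drain gso_skb first, then fall back to the main queue. */
static struct pkt *dequeue_internal(struct qdisc_model *s)
{
    struct pkt *p = pop(&s->gso_skb);
    if (!p) p = pop(&s->q);
    if (p) s->qlen--;
    return p;
}
int trim_both(struct qdisc_model *s)
{
    int dropped = 0;
    while (s->qlen > s->limit && dequeue_internal(s)) dropped++;
    return dropped;
}

/* Constructed scenario: 2 packets on gso_skb, 1 on the main queue,
 * then the limit is lowered to 1 as a ->change() call would do. */
int scenario(int fixed)
{
    struct pkt a, b, c;
    struct qdisc_model s = { {NULL}, {NULL}, 0, 1 };
    push(&s.gso_skb, &a); push(&s.gso_skb, &b); push(&s.q, &c);
    s.qlen = 3;
    return fixed ? trim_both(&s) : trim_main_only(&s);
}
```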

Official announcement: Please see the link for details –

https://nvd.nist.gov/vuln/detail/CVE-2025-37992

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=fe88c7e4fc2c1cd75a278a15ffbf1689efad4e76

Point of view – IOLeak – CPU Side Channel Attacks  23-05-2025

Preface: Hertzbleed is about inferring secrets from timing differences caused by how CPUs adjust their frequency under load.

Background: The Hertzbleed vulnerability does not specifically target the L2 cache of AMD CPUs. Instead, it exploits a broader mechanism related to dynamic frequency scaling — a feature used by modern CPUs (including AMD Zen 2 and Zen 3) to adjust clock speeds based on workload and thermal conditions.

How is IOLeak Different?

| Feature | Hertzbleed | IOLeak |
|---|---|---|
| Primary Trigger | Data-dependent CPU workload | I/O latency and interaction with CPU |
| Leakage Source | Frequency scaling due to computation | Frequency scaling influenced by I/O timing |
| Focus | Cryptographic operations (e.g., SIKE) | Broader I/O-related operations |
| Novelty | First to show DVFS can leak data remotely | First to show I/O latency can amplify DVFS-based leakage |

Ref: AMD’s DVFS (Dynamic Voltage and Frequency Scaling) is a power management technique that dynamically adjusts the CPU’s voltage and frequency based on the current workload. This allows for a balance between performance and energy consumption by reducing both when the workload is light and boosting them when more processing power is needed. DVFS is used in AMD processors to optimize power usage and improve battery life in mobile devices, as well as to reduce energy costs in servers.

Vulnerability details: The researchers provided AMD with a summary of their comments and findings, detailed in a paper titled “IOLeak Side-Channel Attacks Exploiting CPU Frequency Scaling and I/O Latency.”

AMD reviewed the summary and believes this attack is similar to previously disclosed side-channel attacks such as “Hertzbleed” and that existing mitigation recommendations for such attacks remain applicable to mitigate the techniques described in the researchers’ summary.

Official announcement: Please see the link for details – https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7042.html