
CVE-2024-41009: bpf – Fix overrunning reservations in ringbuf (17th July 2024)

Preface: Consumer and producer counters are put into separate pages to allow each position to be mapped with different permissions. This prevents a user-space application from modifying the position and ruining in-kernel tracking. The permissions of the pages depend on who is producing samples: user-space or the kernel. Starting from Linux 5.8, BPF provides a new BPF data structure (BPF map): BPF ring buffer (ringbuf). It is a multi-producer, single-consumer (MPSC) queue and can be safely shared across multiple CPUs simultaneously.

Background: The first core skill point is “BPF Hooks”, that is, the places in the kernel where BPF programs can be loaded. There are nearly 10 types of hooks in the current Linux kernel, as shown below:

kernel functions (kprobes)

userspace functions (uprobes)

system calls



network devices (tc/xdp)

network routes

TCP congestion algorithms

sockets (data level)

Vulnerability details: For example, consider the creation of a BPF_MAP_TYPE_RINGBUF map with a size of 0x4000. Next, the consumer_pos is modified to 0x3000 /before/ a call to bpf_ringbuf_reserve() is made. This will allocate a chunk A, which is in [0x0,0x3008], and the BPF program is able to edit [0x8,0x3008]. Now, let’s allocate a chunk B with size 0x3000. This will succeed because consumer_pos was edited ahead of time to pass the `new_prod_pos - cons_pos > rb->mask` check. Chunk B will be in range [0x3008,0x6010], and the BPF program is able to edit [0x3010,0x6010]. Due to the ring buffer memory layout mentioned earlier, the ranges [0x0,0x4000] and [0x4000,0x8000] point to the same data pages. This means that chunk B at [0x4000,0x4008] is chunk A’s header. bpf_ringbuf_submit() / bpf_ringbuf_discard() use the header’s pg_off to then locate the bpf_ringbuf itself via bpf_ringbuf_restore_from_rec(). Once chunk B has modified chunk A’s header, bpf_ringbuf_commit() refers to the wrong page and could cause a crash.
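The arithmetic above can be replayed in a small user-space model. This is an added example, not kernel code and not part of the original post: the struct, field and function names are hypothetical, and `pending_pos` is simplified to stay at the start of chunk A because nothing is committed. The second check bounds a reservation by the oldest uncommitted record, which is the approach the upstream fix takes.

```c
/* User-space model of the ringbuf reservation check (added example). */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define HDR_SZ 8u /* per-record header size, matching the page's ranges */

struct rb_model {
    uint64_t mask;         /* ring size - 1 (0x3fff for a 0x4000 ring) */
    uint64_t consumer_pos; /* lives on a page user space can write */
    uint64_t producer_pos; /* advanced by each reservation */
    uint64_t pending_pos;  /* start of the oldest uncommitted record */
};

struct chunk { bool ok; uint64_t start, end; };

/* Reserve `size` payload bytes. With check_pending == false only the
 * consumer position bounds the reservation (the check quoted above). */
static struct chunk rb_reserve(struct rb_model *rb, uint64_t size,
                               bool check_pending)
{
    struct chunk c = { false, 0, 0 };
    uint64_t len = (size + HDR_SZ + 7) & ~7ULL;
    uint64_t new_prod_pos = rb->producer_pos + len;

    if (new_prod_pos - rb->consumer_pos > rb->mask)
        return c;
    /* Hardened: oldest outstanding record to newest must fit in the ring. */
    if (check_pending && new_prod_pos - rb->pending_pos > rb->mask)
        return c;

    c.ok = true;
    c.start = rb->producer_pos;
    c.end = new_prod_pos;
    rb->producer_pos = new_prod_pos;
    return c;
}

/* True if record b covers the alias, one lap later, of record a's header. */
static bool covers_header_alias(const struct rb_model *rb,
                                struct chunk a, struct chunk b)
{
    uint64_t alias = a.start + rb->mask + 1;
    return b.ok && alias >= b.start && alias + HDR_SZ <= b.end;
}

/* Replays the scenario above; true if chunk B lands on chunk A's header. */
bool scenario_overruns(bool check_pending)
{
    struct rb_model rb = { .mask = 0x4000 - 1, .consumer_pos = 0x3000,
                           .producer_pos = 0, .pending_pos = 0 };
    struct chunk a = rb_reserve(&rb, 0x3000, check_pending);
    struct chunk b = rb_reserve(&rb, 0x3000, check_pending); /* A uncommitted */
    return a.ok && covers_header_alias(&rb, a, b);
}

int main(void)
{
    printf("consumer-only check: overrun=%d\n", scenario_overruns(false));
    printf("with pending check:  overrun=%d\n", scenario_overruns(true));
    return 0;
}
```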

Official announcement: Please refer to the official announcement for details –

CVE-2024-0102: About NVIDIA® CUDA® Toolkit. If you remember, a similar incident happened in April of this year. I believe this is a weakness of similar designs. (11 July 2024)

Preface: OpenAI revealed that the project cost $100 million, took 100 days, and used 25,000 NVIDIA A100 GPUs. Each server equipped with these GPUs uses approximately 6.5 kW, so an estimated 50 GWh of energy is consumed during training.

Background: Parallel processing is a method in computing of running two or more processors (CPUs) to handle separate parts of an overall task. Breaking up different parts of a task among multiple processors will help reduce the amount of time to run a program. GPUs render images more quickly than a CPU because of their parallel processing architecture, which allows them to perform multiple calculations across streams of data simultaneously. The CPU is the brain of the operation, responsible for giving instructions to the rest of the system, including the GPU(s).

NVIDIA CUDA provides a simple C/C++ based interface. The CUDA compiler leverages parallelism built into the CUDA programming model as it compiles your program into code.
CUDA is a parallel computing platform and programming interface model created by Nvidia for the development of software which is used by parallel processors. It serves as an alternative to running simulations on traditional CPUs.

Vulnerability details: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.

Official announcement: Please refer to the vendor announcement for details –

New or old? Rowhammer attacks on AMD Zen-based platforms, so-called ZenHammer (25-03-2024)

Preface: It is possible to trigger Rowhammer bit flips on DDR4 devices on AMD Zen 2 and Zen 3 systems despite deployed TRR mitigations, said researchers at ETH Zurich.

Background: When high-energy charged particles pass through the crystal lattice of a silicon wafer, their charges can interfere with the electrons within the lattice itself and provide energy. If the lattice is moved closer together within the wafer, this disturbed electron trajectory can create a temporary highly conductive path that did not exist before. The effect of this trace is similar to running a very thin wire across the wafer in random directions. If the particle’s path crosses a feature within the die, such as a floating MOSFET gate or an NMOS DRAM cell, the result may be a flipped bit.

Vulnerability details: On February 26, 2024, AMD received new research related to an industry-wide DRAM issue documented in “ZENHAMMER: Rowhammering Attacks on AMD Zen-based Platforms” from researchers at ETH Zurich. The research demonstrates performing Rowhammer attacks on DDR4 and DDR5 memory using AMD “Zen” platforms. Given the history around Rowhammer, the researchers do not consider these rowhammering attacks to be a new issue.

Mitigation: Please see the following official announcement for details –

International Space Station slipping across the Moon’s face as it flies by at 8 kilometers per second (8th Mar 2024)

The moon and the earth rotate synchronously, so people on Earth can only see the same side of the moon throughout their lives. Because the moon also rotates, people on Earth cannot see the other side (see Figure L1a). There are also days when the moon faces away from the sun. It is pitch black at this time. Even if the International Space Station orbited the moon, it would be pitch dark for part of the time because it faces away from the sun.

The gravitational force of two large masses is equal to the centripetal force required for small objects to move accordingly. Therefore, the moon falls at the Lagrangian point between the sun and the earth (L1, L1a & L3). NASA announced that the (James Webb) Abel Space Telescope is also at a Lagrangian point (see attached pictures L1, L2 & L3). I wonder if there is a chance to see the other side of the moon?

Ref: Please refer to the link for details –

LiDAR helps archaeologists discover ruins in the upper Amazon rainforest (15th Jan 2024)

Preface: In ancient South America, tribal leaders would cover their bodies with gold powder and wash themselves in a holy lake in the mountains. For example, a famous place where ancient civilizations performed this ceremony is Lake Titicaca. Priests and nobles would throw precious gold and emeralds into the lake, dedicated to God.

El Dorado, the so-called Golden Kingdom, is an ancient legend that first began with a South American ritual. Spanish Conquistadors, upon hearing these tales from the natives, believed there was a place abundant in gold and precious stones and began referring to it as El Dorado. Many explorers believe that Ciudad Blanca is the legendary El Dorado. Legend has it that somewhere beneath the forest canopy lies the ancient city of Ciudad Blanca, and now archaeologists think they may have found it.

A group of scientists from fields including archaeology, anthropology and geology used a new technology known as airborne light detection and ranging (LiDAR). They found what appears to be a network of plazas and pyramids, hidden for hundreds of years beneath the forest.

Background: What is LiDAR? LiDAR (light detection and ranging) is a remote sensing method that uses a laser to measure distances. Pulses of light are emitted from a laser scanner, and when the pulse hits a target, a portion of its photons are reflected back to the scanner. Because the location of the scanner, the directionality of the pulse, and the time between pulse emission and return are known, the 3D location (XYZ coordinates) from which the pulse reflected is calculable.

Which software is used for LiDAR data processing?

While LiDAR is a technology for making point clouds, not all point clouds are created using LiDAR. For example, point clouds can be made from images obtained from digital cameras, a technique known as photogrammetry. The one difference to remember that distinguishes photogrammetry from LiDAR is RGB. Unlike the RGB image, the LIDAR projection image does not have obvious texture, and it is difficult to find patterns in the projected image.

The programs to process LiDAR are numerous and increasing rapidly in accordance with the evolving field and user needs. ArcGIS has LiDAR processing functionality. ArcGIS accepts LAS or ASCII file types and has both 2D and 3D visualization options. Additionally, there are other options on the market. For example: NVIDIA DeepStream Software Development Kit (SDK). This SDK is an accelerated AI framework to build pipelines. DeepStream pipelines enable real-time analytics on video, image, and sensor data.

The architecture diagram on the right is for reference.

Headline News:

Pulling back the curtain on Python satellite technology (24th Nov 2023)

Preface: Satellite communications use the very high-frequency range of 1–50 gigahertz (GHz; 1 gigahertz = 1,000,000,000 hertz) to transmit and receive signals. The frequency ranges or bands are identified by letters: (in order from low to high frequency) L-, S-, C-, X-, Ku-, Ka-, and V-bands. The band 435-438 MHz is heavily used for amateur satellites in accordance with No. 5.282. No. 5.278 (WRC-19) provides primary status for the amateur service at 430-440 MHz in 11 countries in Region 2.

Background: About twenty-five years ago, satellites were advanced technology. Satellite technology services, especially GPS, have become commonplace today. Perhaps it is an invisible force that makes development stronger and stronger. Who is this knight? It is the Python programming language. But you may ask, why do people always say that Python program development has a large share in the industrial world, including aerospace technology? Long story short, Python has ready-made software modules, and software developers can use similar concepts to start their new development. This is the advantage of open source software.

Pulling back the curtain on Python satellite technology: gr-satellites is an OOT module encompassing a collection of telemetry decoders that supports nearly 40 different Amateur satellites. This open-source project started in 2015 with the goal of providing telemetry decoders for all the satellites that transmit on the Amateur radio bands.

gr-satellites is a GNU Radio out-of-tree module encompassing a collection of telemetry decoders that supports many different Amateur satellites. It supports most popular protocols, such as AX.25, the GOMspace NanoCom U482C and AX100 modems, an important part of the CCSDS stack, the AO-40 protocol used in the FUNcube satellites, and several ad-hoc protocols used in other satellites.

KISS framing allows transmission of AX.25 packet radio frames containing IP packets over an asynchronous serial link.

KISS stands for “Keep It Simple, Stupid” and is not only a design principle, but also one of the most used Host-to-TNC communication protocols in HAM radios. It is a very simple protocol that standardizes the transmission of data, normally AX.25 packets, over an asynchronous serial link, like RS232 or UART. It allows the transmission of arbitrary data, with no length limitation.
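KISS carries arbitrary bytes by delimiting each frame with FEND (0xC0) and byte-stuffing any FEND or FESC (0xDB) in the payload. The following is an added example, not code from gr-satellites or from the original post: an encoder plus a strict decoder for frames arriving from an untrusted serial or radio link. The function names are hypothetical, only data frames on port 0 are handled, and rejecting undefined escapes is a choice made here.

```c
/* KISS byte-stuffing encoder and strict decoder (added example). */
#include <stddef.h>
#include <stdint.h>

enum { FEND = 0xC0, FESC = 0xDB, TFEND = 0xDC, TFESC = 0xDD };

/* Encode payload as one KISS data frame (command byte 0x00 = data, port 0).
 * Returns the frame length, or 0 if `out` is too small. */
size_t kiss_encode(const uint8_t *in, size_t n, uint8_t *out, size_t cap)
{
    size_t o = 0;
    if (cap < 3) return 0;
    out[o++] = FEND;
    out[o++] = 0x00;
    for (size_t i = 0; i < n; i++) {
        int esc = (in[i] == FEND || in[i] == FESC);
        if (o + (esc ? 2 : 1) + 1 > cap) return 0; /* keep room for FEND */
        if (esc) {
            out[o++] = FESC;
            out[o++] = (in[i] == FEND) ? TFEND : TFESC;
        } else {
            out[o++] = in[i];
        }
    }
    out[o++] = FEND;
    return o;
}

/* Decode one frame. Returns the payload length, or -1 on malformed input:
 * missing delimiters, non-data command, bad escape, or output overflow. */
long kiss_decode(const uint8_t *f, size_t n, uint8_t *out, size_t cap)
{
    size_t o = 0;
    if (n < 3 || f[0] != FEND || f[n - 1] != FEND || f[1] != 0x00)
        return -1;
    for (size_t i = 2; i < n - 1; i++) {
        uint8_t b = f[i];
        if (b == FEND) return -1;        /* delimiter inside a frame */
        if (b == FESC) {
            if (++i >= n - 1) return -1; /* escape cut off by frame end */
            if (f[i] == TFEND) b = FEND;
            else if (f[i] == TFESC) b = FESC;
            else return -1;              /* undefined escape sequence */
        }
        if (o >= cap) return -1;         /* never write past `out` */
        out[o++] = b;
    }
    return (long)o;
}

/* Round-trips a constructed payload that contains both special bytes. */
int kiss_roundtrip_ok(void)
{
    const uint8_t payload[] = { 0x01, FEND, 0x02, FESC, 0x03 }; /* constructed */
    uint8_t frame[16], back[8];
    size_t flen = kiss_encode(payload, sizeof payload, frame, sizeof frame);
    long n = kiss_decode(frame, flen, back, sizeof back);
    if (flen != 10 || n != (long)sizeof payload) return 0;
    for (size_t i = 0; i < sizeof payload; i++)
        if (back[i] != payload[i]) return 0;
    return 1;
}

int main(void)
{
    return kiss_roundtrip_ok() ? 0 : 1;
}
```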

Reference: Using GPS in amateur radio is about GPS and other GNSS (Global Navigation Satellite System) satellites and how we can use the data broadcast by them for amateur radio. You will find that GPS benefits in digital modes like FT8, WSPR, and WSJT which rely on accurate transmit and receive period timing and this is easy to achieve with internet access to international time servers.

Please refer to the link for details:

CVE-2023-45282: In openmct 2.2.5 before 545a177, prototype pollution can occur via an import action. (9th Oct 2023)

Preface: Java is highly functional in several data science processes like data analysis, including data import, cleaning data, deep learning, statistical analysis, Natural Language Processing (NLP), and data visualization.

Background: Open MCT Web is a platform for single-page applications which run entirely in the browser. Most applications will want to additionally interact with server-side resources, to (for example) read telemetry data or store user-created objects. This interaction is handled by individual bundles using APIs which are supported in the browser (such as XMLHttpRequest, typically wrapped by Angular’s $http).

Vulnerability details: In NASA Open MCT (aka openmct) 2.2.5 before 545a177, prototype pollution can occur via an import action.

Ref: Prototype pollution is a JavaScript vulnerability that enables an attacker to add arbitrary properties to global object prototypes, which may then be inherited by user-defined objects.

Official announcement: Please refer to the link for details –

OSIRIS-REx accomplished feat, next station is Apophis (24-09-2023)

Preface: A long-awaited asteroid sample has landed in the US, said CNN –

Background: Asteroid 101955 Bennu – Level 3 on the Palermo impact hazard index, a small celestial body with the highest risk of impacting the Earth.

Early in the history of the solar system, the gravity of newly formed Jupiter brought an end to the formation of planetary bodies in this region and caused the small bodies to collide with one another, fragmenting them into the asteroids we observe today.

the slight push created when the asteroid absorbs sunlight and re-emits that energy as heat — and gravitational tugs from other celestial bodies, it has drifted closer and closer to Earth from its likely birthplace: the Main Asteroid Belt between Mars and Jupiter.

Why does NASA track it?

Chicxulub crater, the buried remnants of an asteroid impact off the Yucatán Peninsula in Mexico that killed off the dinosaurs 66 million years ago.

Official announcement: Please refer to link for details –

About Aliens corpses in Mexico: If I am real (17 Sep 2023)

Preface: Any matter can be viewed from two different angles (positive and negative). If you stand on the negative side, you may still be questioning even with the facts in front of you. In Sep 2023, there was another round of news about the discovery of alien corpses. But this time it looks special: it happened during a meeting of Mexico’s congress, where politicians held their first ever hearing on UFOs.

Ref: The two remains were discovered by workers at a diatom mine in Cusco, Peru.

What if these alien corpses are not counterfeit? Even so, how do we know what they are and where they belong? The truth is we have no traceable information. Perhaps we can only rely on so-called myth or oral information passed down through the ages.

Background: Juan Diez de Betanzos wrote one of the most important sources on the conquest of the Inca civilization, Narrative of the Incas. Mainstream archeologists think this is myth. According to his description, Viracocha rose from Lake Titicaca (sometimes the cave of Paqariq Tampu) to bring light during dark times. He created the sun, moon and stars. He created humans by blowing air into stones, but his first creations were mindless giants, much to his displeasure. Viracocha is the god of the Incas, similar to Jesus Christ in our modern religion.

Remark: The scenario in this description looks similar to the Bible, ancient myths from China and Babylonian cuneiform tablets.

Is it a god or an advanced civilization?

Ancient civilizations did not have the basic concept of airplanes. When they saw something flying in the sky, they would think it was God.

The above argument can be confirmed by previous European newspaper reports.

On 14th April 1561, unidentified flying objects (UFOs) were seen above Nuremberg, Germany. The diagram above shows a broadsheet news article printed in April 1561. Is it a coincidence? A pillar-shaped unknown flying object is shown in the picture. As we know, in 1903 the Wright brothers invented the first successful airplane. Three hundred and fifty years earlier, human beings did not have the concept of an airplane. As a result, when they saw a UFO of similar shape, perhaps they could only draw it or use the key word pillar to describe it.

Who taught the Incas to mine gold?

The Incas were an agricultural society. From some perspectives, this is unbelievable! Besides, the water supply and drainage system set up in Machu Picchu is remarkable. Why did the Inca civilization like gold? Did they see an advanced civilization come to Earth to mine gold?

Quote: Obsessed with a treasure city, conquistador Francisco Pizarro captured the Inca emperor Atahualpa. To spare his life, the emperor offered up the largest cache of gold the Spanish ever acquired in the Americas, National Geographic Magazine said.

The above set of questions will make you think about whether the mainstream historical information written in books may miss some details. But those missing details may not be something people think about yet.

Travel through mysterious ruins in between Peru and Bolivia

A brief introduction to the mysterious ruins

a. Tiwanaku (Gateway of the sun) – Tiwanaku is a Pre-Columbian archaeological site in western Bolivia, near Lake Titicaca, about 70 kilometers from La Paz, and it is one of the largest sites in South America. Viracocha was actually worshiped by the pre-Incas of Peru before being included in the Inca pantheon. In Inca mythology, the god gave the headdress and battle ax to Manco Capac, the first Inca ruler. The god’s name was also taken by the Inca king Viracocha Inca (died 1438 AD), which may also be when the god officially joined the Inca clan.

b. Lake Titicaca – the beginning of the Inca Empire according to the legend, it was in this place where the Andean world began, when the god Viracocha emerged from the lake and created the sun (Inti), the moon (Mama Killa), the stars and the first people. A team of Belgian and Bolivian archaeologists has found more than 2,000 pieces of ceramic, gems and gold objects at an apparent ceremonial site beneath the waters of Lake Titicaca.

c. Six Monoliths of the Sun Temple – The Wall of the Six Monoliths in the Temple of the Sun, which weigh about 50 tons apiece. The monoliths are notable because they didn’t originate from this hill. Archaeologists are unable to explain how the rocks, which weigh about 50 tons each, were transported up the hillside. Besides, advanced and precise stone-cutting technology was unavailable at that period of time. The rock-to-rock connected structure also shocked scientists.

d. Nazca Lines – The Nazca Lines extend over an area of nearly 190 square miles (500 square km). Most of the Nazca Lines were constructed more than 2,000 years ago by the people of the Nazca culture (c. 200 bce–600 ce), though some clearly predate the Nazca and are considered to be the work of the earlier Paracas culture. But only from the air can you tell what the painting is. There were no flying tools at that time. So who is the audience?

e. Mexican UAP experts display 2 alien remains at hearing (Sep 2023) – The two remains were discovered by workers in a diatom mine in Cusco, Peru. DNA identification results show that these remains neither belong to humans nor evolved from any known species on earth. Carbon 14 testing confirmed that these remains contain one-third of unknown DNA and are thousands of years old. Mawson also showed X-rays of alien corpses at the meeting. One of the corpses contained three egg-like objects, and another contained rare metals.

Summary: From a technical perspective, there is no knowledge base of historical details or race, so it is hard to tell what the alleged alien corpse is. But so far, ancient ruins belonging to Peru and Bolivia are popular places for people to explore the mysteries of advanced civilizations. Perhaps this time, we can provide hints and empower artificial intelligence to find the final answer. I am looking forward to hearing from you soon.

Drones are similar to radio-controlled aircraft, but GPS and (5G or 4G) empowerment are leading the way. (29th Jul 2023)

Preface: Do you think the Chinese words for intelligence and clever have similar meanings? If you ask me, perhaps I would say that clever refers to the sensitivity of the ears and eyes. Intelligence is about your brain. Maybe you have other explanations. When you watch a sci-fi movie, the AI core sends out drones to detect and arrest people. Maybe the plot is not described in detail. Comprehensive artificial intelligence machine learning should include vision and hearing. The obvious thing about drones is the vision capabilities of AI.

Background: It seems indisputable that 5G networks can enhance the performance capabilities of drones. Perhaps, it cannot be compared with the RF capabilities of the military type. If you’re interested in the subject, you’ll notice that many manufacturers are capable of designing drones and producing them. The reason is that chip manufacturers can provide flight control chips. Many open source firmwares can be easily downloaded on Github. Throttle actuators and flight control surface actuators are also available on the electronics market. The most commonly used languages in avionics software engineering are C, C++, Ada, and Python. In the main definition of network security, the TCP/IP protocol stack is one of the important trigger factors for network attacks. 5G or RF communication is exchanged in the communication gateway. Therefore, the IP protocol will be implemented after the 5G or RF signal exchange in the gateway. So cybersecurity will never leave this technology.

Ref: STM32 F4, G4, F7 and H7 are popular microcontrollers for drones. The major component of the flight controller unit (FCU) is the microcontroller.

The FCU consists of a processor and an Inertial Measurement Unit with a high precision accelerometer and gyroscope, necessary for stable flight.

Is the development of science and technology in opposition to the natural environment?

Humans can send probes to Mars and create artificial intelligence on Earth. Drones can do real-time monitoring even in extremely dangerous zones. Today’s medical technology enhances our healthcare. But when we look at the climate today, the Antarctic icebergs are melting, causing disaster and rising sea levels. So far, the situation has not improved!

See if artificial intelligence can provide solutions for humans soon?