AI and ML, Potential Risk of CVE

CVE-2025-30219: About RabbitMQ (26th Mar 2025)

Leave a comment

Preface: Message queues are quite important in machine learning for several reasons:

  1. Decoupling Components: They allow different parts of a machine learning system to operate independently. For example, data producers (like sensors or user inputs) can send data to a queue, and data consumers (like preprocessing units or models) can process this data at their own pace.
  2. Asynchronous Processing: Machine learning tasks, especially training and inference, can be resource-intensive and time-consuming. Message queues enable these tasks to be processed asynchronously, ensuring that the system remains responsive and efficient.
  3. Scalability: By using message queues, you can easily scale your machine learning system. Multiple consumers can process messages from the queue simultaneously, allowing the system to handle larger workloads without bottlenecks.

Background: RabbitMQ can be quite helpful in AI applications! RabbitMQ is an open-source message broker that facilitates communication between different parts of a system asynchronously. Here are some ways it can assist AI:

  1. Task Orchestration: RabbitMQ can manage and distribute tasks across various AI models and services, ensuring efficient processing and load balancing.
  2. Handling Asynchronous Requests: It can queue up inference requests and process them asynchronously, which is particularly useful for resource-intensive AI models.
  3. Data Queuing: RabbitMQ can queue data for processing, allowing AI systems to handle large volumes of data in a controlled manner.

If you enable the management Plugin, you will be able to use not only the webUI but also the HTTP API. In fact, the WebUI is a wrapper around the HTTP API.

Vulnerability details: RabbitMQ is a messaging and streaming broker. Versions prior to 4.0.3 are vulnerable to a sophisticated attack that could modify virtual host name on disk and then make it unrecoverable (with other on disk file modifications) can lead to arbitrary JavaScript code execution in the browsers of management UI users.

When a virtual host on a RabbitMQ node fails to start, recent versions will display an error message (a notification) in the management UI. The error message includes virtual host name, which was not escaped prior to open source RabbitMQ 4.0.3 and Tanzu RabbitMQ 4.0.3, 3.13.8.

Official announcement: Please refer to the link for details –

https://nvd.nist.gov/vuln/detail/CVE-2025-30219

Potential Risk of CVE

CVE-2025-24514: Security Focus of K8s (Kubernetes) 24th Mar 2025

Leave a comment

Preface: A Kubernetes (K8s) sidecar controller is a custom controller designed to manage sidecar containers within a Kubernetes Pod. Sidecar containers are secondary containers that run alongside the main application container in the same Pod. They provide additional functionalities such as logging, monitoring, security, or data synchronization without altering the primary application code.

Background: Ingress annotations in Kubernetes can be used to inject configuration under specific conditions. For example, if you are using an NGINX ingress controller, you can use annotations to add custom configuration snippets. This is often done to handle specific routing rules, security settings, or other custom behaviors.

However, it’s important to be cautious with these annotations, as they can potentially introduce security vulnerabilities. For instance, certain annotations like mirror-target and mirror-host have been found to allow arbitrary configuration injection, which can lead to remote code execution and other security risks.

Vulnerability details:  A security issue was discovered in ingress-Nginx where the “auth-url” ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-Nginx controller.

Note that in default installation, the controller can access all Secrets cluster-wide.

Official announcement: The vulnerability is rated a CVSS 9.8 and is tracked with the following identifiers: CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974. Please refer to the link for details

https://nvd.nist.gov/vuln/detail/CVE-2025-1974

https://nvd.nist.gov/vuln/detail/CVE-2025-24514

https://nvd.nist.gov/vuln/detail/CVE-2025-1098

https://nvd.nist.gov/vuln/detail/CVE-2025-1097

Cell Phone (iPhone, Android, windows mobile), Potential Risk of CVE

CVE-2024-53025: Transient DOS can occur while processing UCI command (24-03-2025)

Leave a comment

NVD Published Date: 03/03/2025
NVD Last Modified: 03/06/2025

Preface: The OpenWrt Project is a Linux operating system targeting embedded devices. Instead of trying to create a single, static firmware, OpenWrt provides a fully writable filesystem with package management. This frees you from the application selection and configuration provided by the vendor and allows you to customize the device through the use of packages to suit any application. For developers, OpenWrt is the framework to build an application without having to build a complete firmware around it.

Background: Qualcomm’s FastConnect™ 7900 is embedded in the Snapdragon 8 Gen 3. This connectivity system is AI-optimized and integrates Wi-Fi 7, Bluetooth, and Ultra Wideband (UWB) technologies, providing unparalleled performance across mobile, compute, and XR experiences. The Snapdragon 8 Gen 3 firmware integrates cutting-edge technologies such as generative AI, enhanced camera capabilities, console-defying mobile gaming, and studio-quality lossless audio.

Remark: The Snapdragon 8 Gen 3 platform includes embedded firmware.

Vulnerability details:  The Qualcomm UCI command can encounter wraparound in scenarios where an integer overflow occurs during calculations. This happens when the logic assumes that the resulting value will always be larger than the original value, leading to a transient denial of service (DOS) condition.

Ref: Due to the combination of the command injection in the openwrt/imagebuilder image and the truncated SHA-256 hash included in the build request hash, an attacker can pollute the legitimate image by providing a package list that causes the hash collision. The issue consists of two main components:

  1. Command Injection in Imagebuilder: During image builds, user-supplied package names are incorporated into make commands without proper sanitization. This allows malicious users to inject arbitrary commands into the build process, resulting in the production of malicious firmware images signed with the legitimate build key.
  2. Truncated SHA-256 Hash Collisions: The request hashing mechanism truncates SHA-256 hashes to only 12 characters. This significantly reduces entropy, making it feasible for an attacker to generate collisions. By exploiting this, a previously built malicious image can be served in place of a legitimate one, allowing the attacker to “poison” the artifact cache and deliver compromised images to unsuspecting users.

Official announcement: Please refer to the link for details – https://nvd.nist.gov/vuln/detail/CVE-2024-53025

Potential Risk of CVE

CVE-2025-30472: Corosync Stack buffer overflow (23rd Mar 2025)

Leave a comment

Preface: Even with the popularity of IP phone SIP trunking, the public telephone network still relies on PABX (Private Automatic Branch Exchange) systems in many cases. SIP trunking allows businesses to connect their IP PBX systems to the Public Switched Telephone Network (PSTN) using the Session Initiation Protocol (SIP), which facilitates voice and data communication over the internet.

Background: Gentoo-based clusters are groups of computers running the Gentoo Linux distribution, configured to work together to perform tasks or provide services. These clusters can be designed for various purposes, such as High Availability (HA), High Performance Computing (HPC), High Throughput Computing (HTC), andHigh Efficiency Computing (HEC).

Gentoo’s flexibility and configurability make it well-suited for building clusters. Many modern Gentoo-based clusters use the Corosync messaging layer and the Pacemaker cluster resource manager. The Corosync Cluster Engine is a group communication system with additional features for implementing high availability within applications. The project provides four C API features: A closed process group communication model with virtual synchrony guarantees for creating replicated state machines.

Even with the popularity of IP phone SIP trunking, the public telephone network still relies on PABX (Private Automatic Branch Exchange) systems in many cases. SIP trunking allows businesses to connect their IP PBX systems to the Public Switched Telephone Network (PSTN) using the Session Initiation Protocol (SIP), which facilitates voice and data communication over the internet. While SIP trunking can eliminate the need for physical PSTN gateways, it often still requires a PBX system to manage internal and external calls1. This setup allows businesses to leverage the benefits of modern IP-based communication while maintaining connectivity with traditional telephone networks.

Vulnerability details: Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet.

Official announcement: Please refer to the link for details – https://nvd.nist.gov/vuln/detail/CVE-2025-30472

Cell Phone (iPhone, Android, windows mobile), Potential Risk of CVE

CVE-2025-24201: iOS, iPadOS, and macOS – WebKit Out-of-Bounds Write Vulnerability Security updates (20-03-2025)

Leave a comment

NVD Published Date: 03/11/2025
NVD Last Modified: 03/14/2025

Preface: WebKit is a web browser engine used by Safari and other applications across various platforms like macOS, iOS, Linux, and Windows. It processes web content, including JavaScript, HTML, and CSS.

Background: The Web Content sandbox is a security feature within WebKit that isolates web content from the rest of the system. This means that any potentially harmful web content, such as malicious scripts, is contained within a restricted environment, preventing it from affecting other parts of the system. This sandboxing helps protect users from vulnerabilities and exploits that could arise from visiting compromised websites.

The Web Content sandbox in WebKit uses several shared libraries (.so files) to function properly. These libraries are essential for various operations within the sandboxed environment. Some common libraries that might be involved include:

  1. libwebkit2gtk-4.0.so: This is the main WebKit library for GTK-based applications.
  2. libjavascriptcoregtk-4.0.so: This library handles JavaScript execution within WebKit.
  3. libWPEWebKit.so: Used in WebKit for embedded systems.
  4. libWPEBackend-fdo-1.0.so: Provides backend functionality for WebKit on embedded system.

These libraries help ensure that web content is processed securely and efficiently within the sandbox.

Vulnerability details: An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).

Official announcement: Please refer to the following link for details – https://nvd.nist.gov/vuln/detail/CVE-2025-24201

Potential Risk of CVE, Science

CVE-2025-29909: CryptoLib’s design weakness (19-03-2025)

Leave a comment

Preface: Human being life average 80 year old. Explorering space is a long time travel. So, it only relies on machine.

Even though exploring machine can relies on solar energy. In space there is a lot of uncertainty. For example, the  shock of meteorite. Furthemore, the spacecraft operates in a unique environment, the spacecraft’s power system must also be able to operate in zero gravity and vacuum conditions, and be able to withstand large amounts of radiation (most electronic equipment will not operate in such an environment). On our earth also have gravity seems not want human being leave our earth. Believed it or not, this is our destiny.

Background: CryptoLib is indeed used in space technology! It provides a C-based software implementation of the CCSDS Space Data Link Security Protocol (SDLS) and SDLS Extended Procedures (SDLS-EP) to secure communications between spacecraft flight software and ground stations. This library supports various encryption libraries and protocols, including Telecommand (TC), Telemetry (TM), and Advanced Orbiting Systems (AOS).

CryptoLib is designed to support smaller missions with stringent size, weight, and power constraints, making it a valuable tool for secure satellite communications.

Vulnerability details: CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol – Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 and prior, a heap buffer overflow vulnerability in CryptoLib’s `Crypto_TC_ApplySecurity()` allows an attacker to craft a malicious TC frame that causes out-of-bounds memory writes. This can result in denial of service (DoS) or, under certain conditions, remote code execution (RCE). Any application or system that relies on CryptoLib for Telecommand (TC) processing and does not strictly validate incoming TC frames is at risk. This includes satellite ground stations or mission control software where attackers can inject malformed frames.

Official announcement: Please refer to the link for details – https://nvd.nist.gov/vuln/detail/CVE-2025-29909

Potential Risk of CVE, System

A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 (18-03-2025)

Leave a comment

Preface: Stateless applications perform tasks based on the input provided in the current transaction. These applications make use of Content Delivery Network (CDN) and web to process short term requests. Unlike stateful applications, stateless applications do not save users data. There is no stored knowledge or information for reference to past records. 

Containers are widely used for deploying microservices, running stateful applications, and achieving high-performance, scalable solutions.

Background: A 32-bit signed integer can represent values from -2,147,483,648 to 2,147,483,647. When applied to UID (User Identifier) and GID (Group Identifier), it means that the maximum value for these identifiers is 2,147,483,647.

Setting a user with a specific UID:GID serves several important purposes in Unix-like operating systems:

  1. Identification: The UID uniquely identifies a user, while the GID identifies the group to which the user belongs. This helps the system manage user permissions and access control.
  2. Permissions Management: UIDs and GIDs are used to determine the access rights of users and groups to files and directories. For example, a file might be readable and writable by its owner (identified by UID), but only readable by others in the same group (identified by GID).
  3. Security: By assigning different UIDs and GIDs, the system can enforce security policies, ensuring that users can only access the resources they are permitted to. This is crucial for maintaining the integrity and confidentiality of data.
  4. Resource Allocation: UIDs and GIDs help in allocating system resources, such as CPU time and memory, to users and groups.
  5. This ensures fair usage and prevents any single user or group from monopolizing system resources.

Vulnerability details: containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a `UID:GID` larger than the maximum 32-bit signed integer can cause an overflow condition where the container ultimately runs as root (UID 0). This could cause unexpected behavior for environments that require containers to run as a non-root user.

Official announcement: Please refer to the link for details – https://nvd.nist.gov/vuln/detail/CVE-2024-40635

Cell Phone (iPhone, Android, windows mobile), Potential Risk of CVE

Arm CPU Security Update:  Training in Transient Execution Attacks (17th Mar 2025)

Leave a comment

Initial release: August 8, 2023

Last updated: 14 Mar 2025

Preface: AMD’s Zen3 and Zen4 architectures are not directly related to ARM design, as they are based on AMD’s own x86-64 architecture. ARM is concerned about Training in Transient Execution (TTE) attacks because these attacks exploit vulnerabilities in speculative execution, which can affect ARM processors just as they do other architectures like x86.

Background: There are 2 phenomena that enable an unprivileged attacker to leak arbitrary information on AMD Zen3 and Zen4 CPU products.

  • Phantom speculation – Trigger misprediction without any branch at the source of the misprediction.
  • Training in Transient Execution – Potential manipulate future mispredictions through a previous misprediction that attacker trigger.

Here are some key reasons why ARM is worried about TTE attacks:

Microarchitectural Manipulation: TTE attacks involve manipulating microarchitectural buffers, such as the branch target buffer (BTB) and return stack buffer (RSB), during speculative execution. This manipulation can lead to mispredictions and create transient windows where sensitive data can be accessed.

Cross-Architecture Concerns: While ARM processors have different microarchitectural designs compared to x86 processors, the fundamental principles of speculative execution and transient execution attacks apply across architectures. This means ARM needs to address these vulnerabilities to ensure the security of their processors.

Security Implications: Successful TTE attacks can bypass existing security mitigations and leak sensitive information, posing a significant threat to the security of ARM-based systems.

Official announcement: For details, please refer to the link – https://developer.arm.com/documentation/110363/1-0/?lang=en

AI and ML, Network (Protocol, Topology & Standard), Potential Risk of CVE

CVE-2025-21424: Memory corruption while calling the NPU driver APIs concurrently (16th Mar 2025)

Leave a comment

NVD Published Date: 03/03/2025
NVD Last Modified: 03/07/2025

Preface: Real-time processing of sensor data for tasks like obstacle detection and navigation is crucial, making NPUs ideal for these applications. NPUs help in real-time decision-making and control, which is essential for robotic applications. While NPUs are highly efficient for specific AI applications, they cannot replace GPUs due to their limited scope.

Background: Mutex Unlocking: The mutex is unlocked after the resource has been freed.

If another thread tries to access the resource after it has been freed but before the mutex is unlocked, it can lead to a use-after-free vulnerability. This is because the memory location might be reused for another purpose, leading to undefined behavior when the freed resource is accessed.

Vulnerability details: Memory corruption while calling the NPU driver APIs concurrently.

Reference:

mutex_unlock: This function releases a mutex that was previously locked. Mutexes are used to ensure that only one thread can access a particular section of code or data at a time, preventing race conditions.

&npu_dev->dev_lock: This is the address of the mutex lock associated with the npu_dev device. The dev_lock is a member of the npu_dev structure, and the & operator gets its address.

When this command is executed, it releases the lock on dev_lock, allowing other threads that might be waiting to acquire the lock to proceed

Official announcement: Please see the link for details –

https://nvd.nist.gov/vuln/detail/CVE-2025-21424

AI and ML, Potential Risk of CVE

CVE-2025-23242 & CVE-2025-23243:NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue (13th Mar 2025)

Leave a comment

Preface: NeMo is an open source PyTorch-based toolkit for research in conversational AI that exposes more of the model and PyTorch internals. Riva supports the ability to import supported models trained in NeMo.

NVIDIA Riva is a GPU-accelerated SDK for building Speech AI applications, customized for your use case, and delivering real-time performance.

Background: NVIDIA Riva does not come with any default user accounts. Instead, it relies on secure access through NVIDIA NGC (NVIDIA GPU Cloud). Users need to log in to NGC to access and deploy Riva services. This ensures that only authorized users can set up and manage Riva deployments.

NVIDIA Riva’s default access control mechanisms are designed to ensure secure deployment and operation. By default, Riva employs:

Role-Based Access Control (RBAC): This allows administrators to define roles and assign permissions to users based on their roles.

There is authentication between NVIDIA NGC and Riva. When you pull Riva container images from NGC, you need to authenticate using your NGC API key. This involves:

  1. NGC CLI Configuration: You set up the NGC CLI with your API key, which acts as your authentication credential1.
  2. OAuth Token: The username for authentication is $oauthtoken, and the password is your NGC_API_KEY

Vulnerability details:

CVE-2025-23242 – NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, denial of service, or information disclosure.

CVE-2025-23243 – NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to data tampering or denial of service.

Official announcement: Please see the official link for details –

https://nvidia.custhelp.com/app/answers/detail/a_id/5625

antihackingonline.com