Linux Distros Unpatched Vulnerability : CVE-2021-32037
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authorized user may trigger an invariant which may result in denial of service or server exit if a relevant aggregation request is sent to a shard. Usually,...
Linux Distros Unpatched Vulnerability : CVE-2024-5660
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 translation on Cortex-A77, Cortex-A78, Cortex-A78C, Cortex-A78AE, Cortex-A710, Cortex-X1,...
On the Security and Privacy of Federated Learning: a Survey with Attacks, Defenses, Frameworks, Applications, and Future Directions
Federated Learning (FL) is an emerging distributed machine learning paradigm enabling multiple clients to train a global model collaboratively without sharing their raw data. While FL enhances data privacy by design, it remains vulnerable to various security and privacy threats. This survey provide...
Linux Distros Unpatched Vulnerability : CVE-2021-32040
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It may be possible to have an extremely long aggregation pipeline in conjunction with a specific stage/operator and cause a stack overflow due to the size of th...
Developing a Transferable Federated Network Intrusion Detection System
Intrusion Detection Systems (IDS) are a vital part of a network-connected device. In this paper, we develop a deep learning based intrusion detection system that is deployed in a distributed setup across devices connected to a network. Our aim is to better equip deep learning models against unknown...
MADPromptS: Unlocking Zero-Shot Morphing Attack Detection with Multiple Prompt Aggregation
Face Morphing Attack Detection (MAD) is a critical challenge in face recognition security, where attackers can fool systems by interpolating the identity information of two or more individuals into a single face image, resulting in samples that can be verified as belonging to multiple identities by...
Linux Distros Unpatched Vulnerability : CVE-2022-50002
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5: LAG, fix logic over MLX5_LAG_FLAG_NDEVS_READY Only set MLX5_LAG_FLAG_NDEVS_READY if both netdevices are registered. Doing so guarantees that both...
Per-Element Secure Aggregation against Data Reconstruction Attacks in Federated Learning
Federated learning (FL) enables collaborative model training without sharing raw data, but individual model updates may still leak sensitive information. Secure aggregation (SecAgg) mitigates this risk by allowing the server to access only the sum of client updates, thereby concealing individual...
From Split to Share: Private Inference with Distributed Feature Sharing
Cloud-based Machine Learning as a Service (MLaaS) raises serious privacy concerns when handling sensitive client data. Existing Private Inference (PI) methods face a fundamental trade-off between privacy and efficiency: cryptographic approaches offer strong protection but incur high computational...
Linux Distros Unpatched Vulnerability : CVE-2023-52611
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host max_req_size in the RX path Lukas reports skb_over_panic error...
Experimental Evaluation of Post-Quantum Homomorphic Encryption for Privacy-Preserving V2X Communication
Intelligent Transportation Systems (ITS) fundamentally rely on vehicle-generated data for applications such as congestion monitoring and route optimization, making the preservation of user privacy a critical challenge. Homomorphic Encryption (HE) offers a promising solution by enabling computation on...
MongoDB 6.0.x < 6.0.21 / 7.0.x < 7.0.17 / 8.0.x < 8.0.4 Unexpected Behavior (SERVER-106746)
The version of MongoDB installed on the remote host is 6.0 prior to 6.0.21, 7.0 prior to 7.0.17 and 8.0 prior to 8.0.4. It is, therefore, affected by a vulnerability as referenced in the SERVER-106746 advisory. - An authenticated user may trigger a use after free that may result in MongoDB Server...
MongoDB 6.0.x < 6.0.22 / 7.0.x < 7.0.20 / 8.0.x < 8.0.7 Privilege Escalation (SERVER-106752)
The version of MongoDB installed on the remote host is 6.0 prior to 6.0.22, 7.0 prior to 7.0.20 and 8.0 prior to 8.0.7. It is, therefore, affected by a vulnerability as referenced in the SERVER-106752 advisory. - An unauthorized user may leverage a specially crafted aggregation pipeline to access...
CVE-2025-38477 net/sched: sch_qfq: Fix race condition on qfq_aggregate
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race condition can occur when 'agg' is modified in qfq_change_agg (called during qfq_enqueue) while other threads access it concurrently. For example, qfq_dump_class may trigger a...
DP2Guard: a Lightweight and Byzantine-Robust Privacy-Preserving Federated Learning Scheme for Industrial IoT
Privacy-Preserving Federated Learning (PPFL) has emerged as a secure distributed Machine Learning (ML) paradigm that aggregates locally trained gradients without exposing raw data. To defend against model poisoning threats, several robustness-enhanced PPFL schemes have been proposed by integrating...
Adaptive Network Security Policies Via Belief Aggregation and Rollout
Evolving security vulnerabilities and shifting operational conditions require frequent updates to network security policies. These updates include adjustments to incident response procedures and modifications to access controls, among others. Reinforcement learning methods have been proposed for...
A Privacy-Preserving Framework for Advertising Personalization Incorporating Federated Learning and Differential Privacy
To mitigate privacy leakage and performance issues in personalized advertising, this paper proposes a framework that integrates federated learning and differential privacy. The system combines distributed feature extraction, dynamic privacy budget allocation, and robust model aggregation to balan...
Numeric Truncation Error
Overview: Affected versions of this package are vulnerable to Numeric Truncation Error in the aggregation process. An attacker can cause data corruption, unauthorized data modification, or application crashes by submitting specially crafted input that leads to the number of aggregate terms exceedi...
Differentially Private Federated Low Rank Adaptation beyond Fixed-Matrix
Large language models (LLMs) typically require fine-tuning for domain-specific tasks, and LoRA offers a computationally efficient approach by training low-rank adapters. LoRA is also communication-efficient for federated LLMs when multiple users collaboratively fine-tune a global LLM model without...
PT-2025-31074
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A race condition can occur when agg is modified while other threads access it concurrently, potentially leading to a NULL dereference or a use-after-free. The issue arises from concurren...