Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Fixed a NULL dereference in Adva board SMA sysfs operations. On Adva boards, operations to store/retrieve data in SMA sysfs can invoke handlesignaloutputs or handlesignalinputs. This occurs when the irig and dcf pointer...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: make sure that ptprate is not 0 before configuring EST If the ptprate recorded earlier in the driver happens to be 0, this bogus value will propagate up to EST configuration, where it will trigger a division by 0...

TencentOS Server 3: gmp (TSSA-2024:0214)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0214 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

TencentOS Server 4: gmp (TSSA-2025:0119)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0119 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Data Flows in You: Benchmarking and Improving Static Data-Flow Analysis on Binary Executables

Data-flow analysis is a critical component of security research. Theoretically, accurate data-flow analysis in binary executables is an undecidable problem, due to complexities of binary code. Practically, many binary analysis engines offer some data-flow analysis capability, but we lack...

PT-2025-27711

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A division by zero issue can occur in the Linux kernel when the ptp rate is 0 before configuring EST. This happens because a bogus ptp rate value of 0 can propagate up to EST...

CVE-2020-22057

The WinRin0x64.sys and WinRing0.sys low-level drivers in EVGA Precision XOC version v6.2.7 were discovered to be configured with the default security descriptor which allows attackers to access sensitive components and data...

CVE-2013-3582

Buffer overflow in Dell BIOS on Dell Latitude D, E, XT2, and Z600 devices, and Dell Precision M devices, allows local users to bypass intended BIOS signing requirements and install arbitrary BIOS images by leveraging administrative privileges and providing a crafted rbupacket.pktNum value in...

CVE-2019-10709

AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated with the \\.\AsusTP device, leading to a DoS or potentially privilege escalation via a crafted DeviceIoControl call...

SUSE CVE-2025-37910

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Fix NULL dereference in Adva board SMA sysfs operations On Adva boards, SMA sysfs store/get operations can call handlesignaloutputs or handlesignalinputs while the irig and dcf pointers are uninitialized, leading to a...

New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors

Cybersecurity researchers are calling attention to a new botnet malware called HTTPBot that has been used to primarily single out the gaming industry, as well as technology companies and educational institutions in China. "Over the past few months, it has expanded aggressively, continuously...

SUSE CVE-2025-37875

In the Linux kernel, the following vulnerability has been resolved: igc: fix PTM cycle trigger logic Writing to clear the PTM status 'valid' bit while the PTM cycle is triggered results in unreliable PTM operation. To fix this, clear the PTM 'trigger' and status after each PTM transaction. The...

DEBIAN-CVE-2025-37875

In the Linux kernel, the following vulnerability has been resolved: igc: fix PTM cycle trigger logic Writing to clear the PTM status 'valid' bit while the PTM cycle is triggered results in unreliable PTM operation. To fix this, clear the PTM 'trigger' and status after each PTM transaction. The...

UBUNTU-CVE-2025-37875

In the Linux kernel, the following vulnerability has been resolved: igc: fix PTM cycle trigger logic Writing to clear the PTM status 'valid' bit while the PTM cycle is triggered results in unreliable PTM operation. To fix this, clear the PTM 'trigger' and status after each PTM transaction. The...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an error in the logic of the igc driver PTM cycle triggering, which could lead to unreliable PTM operation...

Learning from the Good Ones: Risk Profiling-Based Defenses against Evasion Attacks on DNNs

Safety-critical applications such as healthcare and autonomous vehicles use deep neural networks DNN to make predictions and infer decisions. DNNs are susceptible to evasion attacks, where an adversary crafts a malicious data instance to trick the DNN into making wrong decisions at inference time...

A Chaos Driven Metric for Backdoor Attack Detection

The advancement and adoption of Artificial Intelligence AI models across diverse domains have transformed the way we interact with technology. However, it is essential to recognize that while AI models have introduced remarkable advancements, they also present inherent challenges such as their...

Hybrid Privacy Policy-Code Consistency Check Using Knowledge Graphs and LLMs

The increasing concern in user privacy misuse has accelerated research into checking consistencies between smartphone apps' declared privacy policies and their actual behaviors. Recent advances in Large Language Models LLMs have introduced promising techniques for semantic comparison, but these...

ALBEDO Telecom Net.Time - PTP/NTP clock 代码问题漏洞

ALBEDO Telecom Net.Time - PTP/NTP clock is a high precision time synchronization device from ALBEDO Telecom. A code issue vulnerability exists in ALBEDO Telecom Net.Time - PTP/NTP clock version 1.4.4, which stems from an insufficient session expiration, and could allow an attacker to transmit...

Automatically Generating Rules of Malicious Software Packages Via Large Language Model

Today's security tools predominantly rely on predefined rules crafted by experts, making them poorly adapted to the emergence of software supply chain attacks. To tackle this limitation, we propose a novel tool, RuleLLM, which leverages large language models LLMs to automate rule generation for O...