21 matches found

Packet Storm News
added 2026/04/19 12:00 a.m. | 4 views

Bit-Flip Vulnerability of Shared KV-Cache Blocks in LLM Serving Systems

Rowhammer on GPU DRAM has enabled adversarial bit flips in model weights; shared KV-cache blocks in LLM serving systems present an analogous but previously unexamined target. In vLLM's Prefix Caching, these blocks exist as a single physical copy without integrity protection. Using software fault...

AI score 5.8
Exploits 0

Packet Storm News
added 2026/03/06 12:00 a.m. | 1 view

Targeted Bit-Flip Attacks on LLM-Based Agents

Targeted bit-flip attacks (BFAs) exploit hardware faults to manipulate model parameters, posing a significant security threat. While prior work targets single-step inference models (e.g., image classifiers), LLM-based agents with multi-stage pipelines and external tools present new attack surfaces,...

AI score 5.8
Exploits 0

Packet Storm News
added 2026/02/19 12:00 a.m. | 2 views

TFL: Targeted Bit-Flip Attack on Large Language Model

Large language models (LLMs) are increasingly deployed in safety and security critical applications, raising concerns about their robustness to model parameter fault injection attacks. Recent studies have shown that bit-flip attacks (BFAs), which exploit computer main memory (i.e., DRAM) vulnerabilitie...

AI score 5.9
Exploits 0

Packet Storm News
added 2025/11/27 12:00 a.m. | 5 views

CacheTrap: Injecting Trojans in LLMs without Leaving Any Traces in Inputs or Weights

Adversarial weight perturbation has emerged as a concerning threat to LLMs that either use training privileges or system-level access to inject adversarial corruption in model weights. With the emergence of innovative defensive solutions that place system- and algorithm-level checks and correctio...

AI score 6.9
Exploits 0

Tenable Nessus
added 2025/11/20 12:00 a.m. | 2 views

TencentOS Server 4: sudo (TSSA-2025:0078)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0078 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVSS 7 | AI score 6.7 | EPSS 0.00004
Exploits 1 | References 2

Packet Storm News
added 2025/09/22 12:00 a.m. | 2 views

SilentStriker: toward Stealthy Bit-Flip Attacks on Large Language Models

The rapid adoption of large language models (LLMs) in critical domains has spurred extensive research into their security issues. While input manipulation attacks (e.g., prompt injection) have been well studied, Bit-Flip Attacks (BFAs) -- which exploit hardware vulnerabilities to corrupt model paramete...

AI score 7
Exploits 0

Packet Storm News
added 2025/06/12 12:00 a.m. | 2 views

ObfusBFA: a Holistic Approach to Safeguarding DNNs from Different Types of Bit-Flip Attacks

Bit-flip attacks (BFAs) represent a serious threat to Deep Neural Networks (DNNs), where flipping a small number of bits in the model parameters or binary code can significantly degrade the model accuracy or mislead the model prediction in a desired way. Existing defenses exclusively focus on...

AI score 7.1
Exploits 0

Packet Storm News
added 2025/05/27 12:00 a.m. | 6 views

BitHydra: Towards Bit-Flip Inference Cost Attack against Large Language Models

Large language models (LLMs) have shown impressive capabilities across a wide range of applications, but their ever-increasing size and resource demands make them vulnerable to inference cost attacks, where attackers induce victim LLMs to generate the longest possible output content. In this paper,...

AI score 7.1
Exploits 0

Packet Storm News
added 2025/05/13 12:00 a.m. | 4 views

Quantum Support Vector Regression for Robust Anomaly Detection

Anomaly Detection (AD) is critical in data analysis, particularly within the domain of IT security. In recent years, Machine Learning (ML) algorithms have emerged as a powerful tool for AD in large-scale data. In this study, we explore the potential of quantum ML approaches, specifically quantum kern...

AI score 6.8
Exploits 0

OSV
added 2025/01/08 6:15 p.m. | 1 view

DEBIAN-CVE-2024-56771

In the Linux kernel, the following vulnerability has been resolved: mtd: spinand: winbond: Fix 512GW, 01GW, 01JW and 02JW ECC information. These four chips: W25N512GW, W25N01GW, W25N01JW, W25N02JW all require a single bit of ECC strength and thus feature an on-die Hamming-like ECC engine. There is no...

CVSS 5.5 | AI score 5.7 | EPSS 0.00033
Exploits 0 | References 1

CNNVD
added 2025/01/08 12:00 a.m. | 1 view

Linux kernel Security Vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which originates from improper handling of ECC information on four of Winbond's SPI NAND chips W25N512GW, W25N01GW, W25N01J...

CVSS 5.5 | AI score 6.3 | EPSS 0.00033
Exploits 0 | References 5

OSV
added 2024/12/09 9:31 p.m. | 0 views

GHSA-H63V-HW6G-X8HP Bit flip attack vulnerability in cookie-encrypter

Due to a weakness in the encryption method used in cookie-encrypter, an attack can use the world visible IV to edit encrypted cookies without decrypting the cookie itself. This is known as an AES CBC bit flipping attack...

CVSS 8.2 | AI score 5.9 | EPSS 0.00088
Exploits 0 | References 6

Github Security Blog
added 2024/12/09 9:31 p.m. | 10 views

Bit flip attack vulnerability in cookie-encrypter

Due to a weakness in the encryption method used in cookie-encrypter, an attack can use the world visible IV to edit encrypted cookies without decrypting the cookie itself. This is known as an AES CBC bit flipping attack...

CVSS 9.1 | AI score 6.7 | EPSS 0.00088
Exploits 0 | References 6 | Affected Software 1

OSV
added 2024/03/04 10:23 a.m. | 2 views

CLSA-2024-1709547826 sudo: Fix of CVE-2023-42465

CVE-2023-42465: Prevent row hammer attacks by modifying application logic to equal a success value instead of not equaling an error value and enhancing bit flip resistance of values...

CVSS 7 | AI score 6.1 | EPSS 0.00004
Exploits 1 | References 1

CNNVD
added 2023/12/24 12:00 a.m. | 0 views

OpenSSH Security Vulnerabilities

OpenSSH (OpenBSD Secure Shell) is a Canadian OpenBSD open source set of connection tools for secure access to remote computers. The tool is an open source implementation of the SSH protocol that supports encryption of all transmissions, effectively blocking eavesdropping, connection hijacking, and...

CVSS 7 | AI score 6.8 | EPSS 0.00007
Exploits 0 | References 10

OSV
added 2023/12/22 4:15 p.m. | 49 views

CVE-2023-42465

Sudo before 1.9.15 might allow row hammer attacks for authentication bypass or privilege escalation because application logic sometimes is based on not equaling an error value instead of equaling a success value, and because the values do not resist flips of a single bit...

CVSS 7 | AI score 7.5
Exploits 0 | References 13

Debian CVE
added 2023/12/22 12:00 a.m. | 231 views

CVE-2023-42465

Sudo before 1.9.15 might allow row hammer attacks for authentication bypass or privilege escalation because application logic sometimes is based on not equaling an error value instead of equaling a success value, and because the values do not resist flips of a single bit...

CVSS 7 | AI score 6.8 | EPSS 0.00004
Exploits 1

RedhatCVE
added 2023/12/21 11:30 p.m. | 92 views

CVE-2023-42465

A flaw was found in the sudo package. This issue could allow a local authenticated attacker to cause a bit to flip, which enables fault injection and may authenticate as the root user. Mitigation: In general, to address this issue, it's crucial to implement robust logic that prevents unintended...

CVSS 7 | AI score 6.8 | EPSS 0.00004
Exploits 1 | References 5

CNVD
added 2015/03/12 12:00 a.m. | 2 views

DRAM 'Rowhammer' Memory Bit Flip Privilege Elevation Vulnerability

DRAM, or Dynamic Random Access Memory, is the most common type of system memory. DRAM devices have security vulnerabilities that allow a local user to run a program that continuously accesses the DRAM, flipping the value of a cell from 1 to 0, or vice versa, allowing elevated privileges to execut...

AI score 7.3
Exploits 0 | References 1

exploitpack
added 2015/03/09 12:00 a.m. | 19 views

Rowhammer - NaCl Sandbox Escape

Rowhammer - NaCl Sandbox Escape Sources: http://googleprojectzero.blogspot.ca/2015/03/exploiting-dram-rowhammer-bug-to-gain.html https://code.google.com/p/google-security-research/issues/detail?id=284 Full PoC:...

AI score 1
Exploits 0