Shape and Substance: Dual-Layer Side-Channel Attacks on Local Vision-Language Models

On-device Vision-Language Models VLMs promise data privacy via local execution. However, we show that the architectural shift toward Dynamic High-Resolution preprocessing e.g., AnyRes introduces an inherent algorithmic side-channel. Unlike static models, dynamic preprocessing decomposes images in...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from userfaultfdmove and swap cache contention resulting in a corrupted RSS counter...

OESA-2024-1972 bind security update

Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols and provides an openly redistributable reference implementation of the major components of the Domain Name System. This package includes the components to operate a DNS server. Security Fixes: Resolver...

RHEL: Add Spectre-BHB mitigation for AmpereOne

A known cache speculation vulnerability, the Branch History Injection BHI or Spectre-BHB, was found in new hw that are cores Cortex: A57, A72, A76, A77, A78, A78AE, A78C, A710, X1, X2; Neoverse: N1, N2, V1; Ampere1. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared...

Important: kernel

Issue Overview: When a router encounters an IPv6 packet too big to transmit to the next-hop, it returns an ICMP6 "Packet Too Big" PTB message to the sender. The sender caches this updated Maximum Transmission Unit MTU so it knows not to exceed this value when subsequently routing to the same host...