Lucene search
K

8 matches found

Packet Storm News
Packet Storm News
added 2026/06/02 12:0 a.m.8 views

Dstack-Capsule: Pod-Level Remote Attestation for Confidential Workloads on Kubernetes

The rise of LLM-as-a-Service and other confidential cloud workloads demands cryptographic proof that user data is processed in a trusted, untampered environment. Existing solutions, notably Confidential Containers CoCo, enforce a strict "one Pod per VM" model that attests only the Guest OS stack,...

5.8AI score
Exploits0
Github Security Blog
Github Security Blog
added 2026/03/26 7:49 p.m.8 views

Contrast BadAML injection allows arbitrary code execution

BadAML BadAML is an AML injection attack that exploits the ACPI interface and allows arbitrary code execution in a confidential VM. The attack was first published in 2024: - - Impact An attacker with control over the host which is assumed in the attacker model of Contrast can execute malicious AM...

6.5AI score
Exploits0References4Affected Software1
Packet Storm News
Packet Storm News
added 2025/06/08 12:0 a.m.8 views

NanoZone: Scalable, Efficient, and Secure Memory Protection for Arm CCA

Arm Confidential Computing Architecture CCA currently isolates at the granularity of an entire Confidential Virtual Machine CVM, leaving intra-VM bugs such as Heartbleed unmitigated. The state-of-the-art narrows this to the process level, yet still cannot stop attacks that pivot within the same...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/29 5:22 p.m.13 views

WhatsApp Launches Private Processing to Enable AI Features While Protecting Message Privacy

Popular messaging app WhatsApp on Tuesday unveiled a new technology called Private Processing to enable artificial intelligence AI capabilities in a privacy-preserving manner. "Private Processing will allow users to leverage powerful optional AI features – like summarizing unread messages or...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-48890

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM storvscqueuecommand maps th...

5.5CVSS6AI score0.00208EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/08/22 3:29 a.m.4 views

SUSE CVE-2022-48890

In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM storvscqueuecommand maps the scatter/gather list using scsidmamap, which in a confidential VM allocates swiotlb bounce buffers. If the I/O submission fails in...

5.5CVSS6.5AI score0.00208EPSS
Exploits0References8
OSV
OSV
added 2024/08/21 7:15 a.m.11 views

UBUNTU-CVE-2022-48890

In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM storvscqueuecommand maps the scatter/gather list using scsidmamap, which in a confidential VM allocates swiotlb bounce buffers. If the I/O submission fails in...

5.5CVSS6AI score0.00208EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/12/14 12:0 a.m.13 views

PT-2022-7634 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a swiotlb bounce buffer leak in confidential VMs. The storvsc queuecommand function maps the scatter/gather list using scsi dma map, which allocates swiotlb...

8.4CVSS6.8AI score0.0193EPSS
Exploits13References1598
Rows per page
Query Builder