MoEcho: Exploiting Side-Channel Attacks to Compromise User Privacy in Mixture-Of-Experts LLMs

The transformer architecture has become a cornerstone of modern AI, fueling remarkable progress across applications in natural language processing, computer vision, and multimodal learning. As these models continue to scale explosively for performance, implementation efficiency remains a critical...

UBUNTU-CVE-2025-38565

In the Linux kernel, the following vulnerability has been resolved: perf/core: Exit early on perfmmap fail When perfmmap fails to allocate a buffer, it still invokes the eventmapped callback of the related event. On X86 this might increase the perfrdpmcallowed reference counter. But nothing undoe...

CVE-2025-38565 perf/core: Exit early on perf_mmap() fail

In the Linux kernel, the following vulnerability has been resolved: perf/core: Exit early on perfmmap fail When perfmmap fails to allocate a buffer, it still invokes the eventmapped callback of the related event. On X86 this might increase the perfrdpmcallowed reference counter. But nothing undoe...

CVE-2025-38565

CVE-2025-38565: In the Linux kernel perf_mmap() path, if buffer allocation fails the code still invokes event_mapped(), which can increment perf_rdpmc_allowed on x86 and leaks references because perf_mmap_close() is not called. The documented fix is to return early on failure to prevent the refer...

netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability

A flaw was found in Netty where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...

SaMOSA: Sandbox for Malware Orchestration and Side-Channel Analysis

Cyber-attacks on operational technology OT and cyber-physical systems CPS have increased tremendously in recent years with the proliferation of malware targeting Linux-based embedded devices of OT and CPS systems. Comprehensive malware detection requires dynamic analysis of execution behavior in...

Linux Distros Unpatched Vulnerability : CVE-2021-4218

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel's implementation of reading the SVC RDMA counters. Reading the counter sysctl panics the system. This flaw allows a local...

Linux Distros Unpatched Vulnerability : CVE-2025-38076

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: alloctag: allocate percpu counters for module tags dynamically When a module gets unloaded i...

Linux Distros Unpatched Vulnerability : CVE-2018-6260

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA graphics driver contains a vulnerability that may allow access to application data processed on the GPU through a side channel exposed by the GPU...

Linux Distros Unpatched Vulnerability : CVE-2024-26690

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: stmmac: protect updates of 64-bit statistics counters As explained by a comment in ,...

Linux Distros Unpatched Vulnerability : CVE-2025-22089

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Don't expose hwcounters outside of init net namespace Commit 467f432a521a...

PRACtical: Subarray-Level Counter Update and Bank-Level Recovery Isolation for Efficient PRAC Rowhammer Mitigation

As DRAM density increases, Rowhammer becomes more severe due to heightened charge leakage, reducing the number of activations needed to induce bit flips. The DDR5 standard addresses this threat with in-DRAM per-row activation counters PRAC and the Alert Back-Off ABO signal to trigger mitigation...

CANDoSA: a Hardware Performance Counter-Based Intrusion Detection System for DoS Attacks on Automotive CAN Bus

The Controller Area Network CAN protocol, essential for automotive embedded systems, lacks inherent security features, making it vulnerable to cyber threats, especially with the rise of autonomous vehicles. Traditional security measures offer limited protection, such as payload encryption and...

Unbreakable Enterprise kernel security update

6.12.0-101.33.4.3 - Revert 'Add normal counters' Boris Ostrovsky Orabug: 38171405 6.12.0-101.33.4.2 - sunrpc: handle SVCGARBAGE during svc auth processing as auth error Jeff Layton Orabug: 38178286 CVE-2025-38089 - mm: memcontrol: remove memcg from LRU on release instead of offline Harry Yoo...

net: decrease cached dst counters in dst_release

...

SUSE CVE-2025-38322

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix crash in iclupdatetopdownevent The perffuzzer found a hard-lockup crash on a RaptorLake machine: Oops: general protection fault, maybe for address 0xffff89aeceab400: 0000 CPU: 23 UID: 0 PID: 0 Comm: swapper/23...

PT-2025-37205

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the ath10k driver where, in rare cases, the driver may lose connection with the PCIe bus. This can lead to system crashes during resuming due to...

CnC-PRAC: Coalesce, Not Cache, Per Row Activation Counts for an Efficient In-DRAM Rowhammer Mitigation

JEDEC has introduced the Per Row Activation Counting PRAC framework for DDR5 and future DRAMs to enable precise counting of DRAM row activations using per-row activation counts. While recent PRAC implementations enable holistic mitigation of Rowhammer attacks, they impose slowdowns of up to 10% d...

CVE-2025-38076

In the Linux kernel, the following vulnerability has been resolved: alloctag: allocate percpu counters for module tags dynamically When a module gets unloaded it checks whether any of its tags are still in use and if so, we keep the memory containing module's allocation tags alive until all tags...

SUSE CVE-2025-38076

In the Linux kernel, the following vulnerability has been resolved: alloctag: allocate percpu counters for module tags dynamically When a module gets unloaded it checks whether any of its tags are still in use and if so, we keep the memory containing module's allocation tags alive until all tags...