114 matches found
Immutability Does Not Guarantee Trust: a Formal and Logical Refutation
It is frequently claimed in blockchain discourse that immutability guarantees trust. This paper rigorously refutes that assertion. We define immutability as the cryptographic persistence of historical states in an append-only data structure and contrast it with trust, understood as a rational...
SUSE CVE-2025-38115
In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: fix a potential crash on gsoskb handling SFQ has an assumption of always being able to queue at least one packet. However, after the blamed commit, sch-q.len can be inflated by packets in sch-gsoskb, and an...
UBUNTU-CVE-2025-38115
In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: fix a potential crash on gsoskb handling SFQ has an assumption of always being able to queue at least one packet. However, after the blamed commit, sch-q.len can be inflated by packets in sch-gsoskb, and an...
Fairness and Bias in Algorithmic Hiring: a Multidisciplinary Survey
Employers are adopting algorithmic hiring technology throughout the recruitment pipeline. Algorithmic fairness is especially applicable in this domain due to its high stakes and structural inequalities. Unfortunately, most work in this space provides partial treatment, often constrained by two...
Don'T Hash Me like That: Exposing and Mitigating Hash-Induced Unfairness in Local Differential Privacy
Local differential privacy LDP has become a widely accepted framework for privacy-preserving data collection. In LDP, many protocols rely on hash functions to implement user-side encoding and perturbation. However, the security and privacy implications of hash function selection have not been...
kernel: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix potential memory corruption in childcfsrqonlist childcfsrqonlist attempts to convert a 'prev' pointer to a cfsrq. This 'prev' pointer can originate from struct rq's leafcfsrqlist, making the conversion invalid and...
SUSE CVE-2025-38083
In the Linux kernel, the following vulnerability has been resolved: netsched: prio: fix a race in priotune Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU 1 1: lock root 2: qdisctreeflushbacklog 3: unlock root | ...
Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024128 fixes several issues. The following security issues were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238324. CVE-2024-57996: netsched: schsfq: do not allow 1 packet limit bsc1239077. Patch Instructions: To...
Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005583 fixes several issues. The following security issues were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238324. CVE-2024-49855: nbd: fix race between timeout and normal completion bsc1232900. CVE-2024-58013:...
Unraveling Ethereum'S Mempool: the Impact of Fee Fairness, Transaction Prioritization, and Consensus Efficiency
Ethereum's transaction pool mempool dynamics and fee market efficiency critically affect transaction inclusion, validator workload, and overall network performance. This research empirically analyzes gas price variations, mempool clearance rates, and block finalization times in Ethereum's...
The Scales of Justitia: a Comprehensive Survey on Safety Evaluation of LLMs
With the rapid advancement of artificial intelligence technology, Large Language Models LLMs have demonstrated remarkable potential in the field of Natural Language Processing NLP, including areas such as content generation, human-computer interaction, machine translation, and code generation,...
Design, Implementation, and Analysis of Fair Faucets for Blockchain Ecosystems
The present dissertation addresses the problem of fairly distributing shared resources in non-commercial blockchain networks. Blockchains are distributed systems that order and timestamp records of a given network of users, in a public, cryptographically secure, and consensual way. The records,...
kernel: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix potential memory corruption in childcfsrqonlist childcfsrqonlist attempts to convert a 'prev' pointer to a cfsrq. This 'prev' pointer can originate from struct rq's leafcfsrqlist, making the conversion invalid and...
CADRE: Customizable Assurance of Data Readiness in Privacy-Preserving Federated Learning
Privacy-Preserving Federated Learning PPFL is a decentralized machine learning approach where multiple clients train a model collaboratively. PPFL preserves privacy and security of the client's data by not exchanging it. However, ensuring that data at each client is of high quality and ready for...
Private Rate-Constrained Optimization with Applications to Fair Learning
Many problems in trustworthy ML can be formulated as minimization of the model error under constraints on the prediction rates of the model for suitably-chosen marginals, including most group fairness constraints demographic parity, equality of odds, etc.. In this work, we study such constrained...
MPMA: Preference Manipulation Attack against Model Context Protocol
Model Context Protocol MCP standardizes interface mapping for large language models LLMs to access external data and tools, which revolutionizes the paradigm of tool selection and facilitates the rapid expansion of the LLM agent tool ecosystem. However, as the MCP is increasingly adopted,...
kernel: sched: sch_cake: fix bulk flow accounting logic for host fairness
In the Linux kernel, the following vulnerability has been resolved: sched: schcake: fix bulk flow accounting logic for host fairness In schcake, we keep track of the count of active bulk flows per host, when running in dst/src host fairness mode, which is used as the round-robin weight when...
Fair Play for Individuals, Foul Play for Groups? Auditing Anonymization'S Impact on ML Fairness
Machine learning ML algorithms are heavily based on the availability of training data, which, depending on the domain, often includes sensitive information about data providers. This raises critical privacy concerns. Anonymization techniques have emerged as a practical solution to address these...
Building Trustworthy Multimodal AI: a Review of Fairness, Transparency, and Ethics in Vision-Language Tasks
Objective: This review explores the trustworthiness of multimodal artificial intelligence AI systems, specifically focusing on vision-language tasks. It addresses critical challenges related to fairness, transparency, and ethical implications in these systems, providing a comparative analysis of...
A Comment on "E-PoS: Making PoS Decentralized and Fair"
Proof-of-Stake PoS is a prominent Sybil control mechanism for blockchain-based systems. In "e-PoS: Making PoS Decentralized and Fair," Saad et al. TPDS'21 introduced a new Proof-of-Stake protocol, e-PoS, to enhance PoS applications' decentralization and fairness. In this comment paper, we address...