CVE-2022-50623 fpga: prevent integer overflow in dfl_feature_ioctl_set_irq()

In the Linux kernel, the following vulnerability has been resolved: fpga: prevent integer overflow in dflfeatureioctlsetirq The "hdr.count sizeofs32" multiplication can overflow on 32 bit systems leading to memory corruption. Use arraysize to fix that...

CVE-2025-54520

Improper Protection Against Voltage and Clock Glitches in FPGA devices, could allow an attacker with physical access to undervolt the platform resulting in a loss of confidentiality...

Undervoltage-based Static Side-channel Attacks (“Chypnosis”) on FPGAs

Summary This document describes a potential attack technique against FPGA devices that leverages side-channel analysis SCA techniques to physically extract register and memory content from the device. In applications following best practices for security, critical data, such as decryption keys, i...

SUSE CVE-2025-38274

In the Linux kernel, the following vulnerability has been resolved: fpga: fix potential null pointer deref in fpgamgrtestimgloadsgt fpgamgrtestimgloadsgt allocates memory for sgt using kunitkzalloc however it does not check if the allocation failed. It then passes sgt to sgalloctable, which passe...

DEBIAN-CVE-2025-38274

In the Linux kernel, the following vulnerability has been resolved: fpga: fix potential null pointer deref in fpgamgrtestimgloadsgt fpgamgrtestimgloadsgt allocates memory for sgt using kunitkzalloc however it does not check if the allocation failed. It then passes sgt to sgalloctable, which passe...

ML-Enhanced AES Anomaly Detection for Real-Time Embedded Security

Advanced Encryption Standard AES is a widely adopted cryptographic algorithm, yet its practical implementations remain susceptible to side-channel and fault injection attacks. In this work, we propose a comprehensive framework that enhances AES-128 encryption security through controlled anomaly...

An Efficient Hardware Implementation of Elliptic Curve Point Multiplication over $GF(2^M)$ on FPGA

Elliptic Curve Cryptography ECC is widely accepted for ensuring secure data exchange between resource-limited IoT devices. The National Institute of Standards and Technology NIST recommended implementation, such as B-163, is particularly well-suited for Internet of Things IoT applications. Here,...

A Unified Hardware Accelerator for Fast Fourier Transform and Number Theoretic Transform

The Number Theoretic Transform NTT is an indispensable tool for computing efficient polynomial multiplications in post-quantum lattice-based cryptography. It has strong resemblance with the Fast Fourier Transform FFT, which is the most widely used algorithm in digital signal processing. In this...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from waiting for fifo occupancy to fall below a threshold in an FPGA could result in a soft CPU lockup...

Rockwell Automation Allen-Bradley Stratix 5950 Improper Access Control (CVE-2019-1649)

A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that...

Cisco Firepower Threat Defense (FTD) Secure Boot Hardware Tampering Vulnerability (cisco-sa-20190513-secureboot)

According to its version, the Cisco Firepower Threat Defense FTD software installed on the remote host is affected by a vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local...

Pair of Cisco Bugs, One Unpatched, Affect Millions of Devices

Cisco has disclosed an unpatched, high-severity vulnerability that impacts millions of devices, in the logic that handles access control to one of the hardware components in Cisco’s proprietary Secure Boot implementation. Cisco has also disclosed a similarly widely-impacting high-severity bug tha...