Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

A use-after-free flaw was discovered in the Linux kernel’s SGI GRU driver. This flaw arises from the way the grufileunlockedioctl function is called by the user, resulting in a failure in the grucheckchipletassignment function. This flaw allows a local user to cause a system crash or potentially...

MiracleLinux 9 : kernel-5.14.0-570.19.1.el9_6 (AXSA:2025-10553:45)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10553:45 advisory. kernel: Use after Free in grusetcontextoption leading to kernel panic CVE-2022-3424 kernel: ndisc: use RCU protection in ndiscallocskb CVE-2025-217...

Siemens Ruggedcom ROX Use After Free (CVE-2022-3424)

A use-after-free flaw was found in the Linux kernel's SGI GRU driver in the way the first grufileunlockedioctl function is called by the user, where a fail pass occurs in the grucheckchipletassignment function. This flaw allows a local user to crash or potentially escalate their privileges on the...

RECTor: Robust and Efficient Correlation Attack on Tor

Tor is a widely used anonymity network that conceals user identities by routing traffic through encrypted relays, yet it remains vulnerable to traffic correlation attacks that deanonymize users by matching patterns in ingress and egress traffic. However, existing correlation methods suffer from t...

EUVD-2009-2579

Malware in sbrugna...

EUVD-2020-0217

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414400)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414400 advisory. A use-after-free flaw was found in the Linux kernels SGI GRU driver in the way the first grufileunlockedioctl function is called by the user, where a fail pass occur...

RLSA-2025:8333 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Use after Free in grusetcontextoption leading to kernel panic CVE-2022-3424 kernel: ndisc: use RCU protection in ndiscallocskb CVE-2025-21764 For more details about the security issues,...

EUVD-2022-42800

Malicious code in bioql PyPI...

kernel: Use after Free in gru_set_context_option leading to kernel panic

A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first grufileunlockedioctl function is called by the user, where a fail pass occurs in the grucheckchipletassignment function. This flaw allows a local user to crash or potentially escalate their privileges on the...

CVE-2020-26270

In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer...

Privacy-Preserving Transformers: SwiftKey'S Differential Privacy Implementation

In this paper we train a transformer using differential privacy DP for language modeling in SwiftKey. We run multiple experiments to balance the trade-off between the model size, run-time speed and accuracy. We show that we get small and consistent gains in the next-word-prediction and accuracy...

Russia’s Most Notorious Special Forces Unit Now Has Its Own Cyber Warfare Team

Unit 29155 of Russia’s GRU military intelligence agency—a team responsible for coup attempts, assassinations, and bombings—has branched out into brazen hacking operations with targets across the world...

Russian Military Cyber Actors Target US and Global Critical Infrastructure

Summary The Federal Bureau of Investigation FBI, Cybersecurity and Infrastructure Security Agency CISA, and National Security Agency NSA assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate GRU 161st Specialist Training Center Unit 29155 are responsible...

Ukrainian Institutions Targeted Using HATVIBE and CHERRYSPY Malware

The Computer Emergency Response Team of Ukraine CERT-UA has alerted of a spear-phishing campaign that targeted a scientific research institution in the country with malware known as HATVIBE and CHERRYSPY. The agency attributed the attack to a threat actor it tracks under the name UAC-0063, which...

TensorFlow vulnerable to Out-of-Bounds Read in GRUBlockCellGrad

...

Russian National Indicted for Cyber Attacks on Ukraine Before 2022 Invasion

A 22-year-old Russian national has been indicted in the U.S. for his alleged role in staging destructive cyber attacks against Ukraine and its allies in the days leading to Russia's full-blown military invasion of Ukraine in early 2022. Amin Timovich Stigal, the defendant in question, is assessed...

SUSE CVE-2022-3424

A use-after-free flaw was found in the Linux kernel's SGI GRU driver in the way the first grufileunlockedioctl function is called by the user, where a fail pass occurs in the grucheckchipletassignment function. This flaw allows a local user to crash or potentially escalate their privileges on the...

Russian Hackers Target Europe with HeadLace Malware and Credential Harvesting

The Russian GRU-backed threat actor APT28 has been attributed as behind a series of campaigns targeting networks across Europe with the HeadLace malware and credential-harvesting web pages. APT28, also known by the names BlueDelta, Fancy Bear, Forest Blizzard, FROZENLAKE, Iron Twilight, ITG05, Pa...

BIT-TENSORFLOW-2020-26270 CHECK-fail in LSTM with zero-length input in TensorFlow

In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer...