6 matches found
Astra Linux – Vulnerability in Firefox
While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have led to this text being interpreted by the webpage. This vulnerability affects Firefox versions...
CompLeak: Deep Learning Model Compression Exacerbates Privacy Leakage
Model compression is crucial for minimizing memory storage and accelerating inference in deep learning DL models, including recent foundation models like large language models LLMs. Users can access different compressed model versions according to their resources and budget. However, while existi...
Inference Attacks for X-Vector Speaker Anonymization
We revisit the privacy-utility tradeoff of x-vector speaker anonymization. Existing approaches quantify privacy through training complex speaker verification or identification models that are later used as attacks. Instead, we propose a novel inference attack for de-anonymization. Our attack is...
DeSIA: Attribute Inference Attacks against Limited Fixed Aggregate Statistics
Empirical inference attacks are a popular approach for evaluating the privacy risk of data release mechanisms in practice. While an active attack literature exists to evaluate machine learning models or synthetic data release, we currently lack comparable methods for fixed aggregate statistics, i...
CVE-2020-10369
CVE-2020-10369 affects Cypress (and Broadcom) Wireless Combo chips. The connected Red Hat, CIRCL, NVD and related feeds describe a memory-content inference vulnerability via a Spectra attack when a January 2021 firmware update is not present. The vulnerability is tied to these wireless combo comp...
hw: L1D Cache Eviction Sampling
A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents which were expected to be blank can be inferred usi...