Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: genirq/cpuhotplug, x86/vector: Prevents vector leaks during CPU offline states. The absence of IRQD_MOVE_PCNTXT prevents immediate effectiveness of interrupt affinity reconfiguration via procfs. Instead, the change is deferred unti...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: nvmet-fcloop: Check remoteport->port_state before calling the done callback. In the nvme_fc_handle_ls_rqst_work function, the lsrsp->done callback is set only when remoteport->port_state is FC_OBJSTATE_ONLINE. Otherwise, the nvme_fc_xmt_ls_rsp’s LLDD...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fixed an oops during rmmod on single-CPU platforms. During the removal of the idxd driver, a registered offline callback was invoked as part of the cleanup process. However, on systems with only one CPU online, n...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: powerpc/smp: Do not decrement the preempt count of the idle task when the CPU is offline. With PREEMPT_COUNT=y, when a CPU is offline and then brought back online, we encounter the following issue: BUG: Scheduling while atomic:...
Astra Linux – Vulnerability in Chromium
Inappropriate implementations of offline features in Google Chrome on Android before version 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to bypass site isolation through a crafted HTML page...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crashes. When CPU 0 is offline and intel_powerclamp is used to simulate idle state, it causes a kernel bug: BUG: using smp_processor_id() in preemptible 000000...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: blk-iolatency: Fixed imbalances in the number of in-flight IO operations and issues with hanging during offline conditions. iolatency needs to track the number of in-flight IO operations per cgroup. Since this tracking can be...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Stop the dl_server before the CPU goes offline. The IBM CI tool reported a kernel warning [1] when performing a CPU removal operation using drmgr [2]. For example: “drmgr -c cpu -r -q 1”. WARNING: CPU: 0 PID: 0 ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/kexec: Enable SMT before waking offline CPUs. If SMT is disabled or a partial SMT state is enabled, when a new kernel image is loaded for kexec, the following warning is observed upon reboot: kexec: Waking offline CPU 228...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down. There is a history of deadlock issues when a reboot is performed at the beginning of booting. After UFS shuts down, SDEV_QUIESCE is set for all LUs’ scsi_devices. At that time,...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fixed a deadlock that occurred when hugetlb_optimize_vmemmap was enabled. When I performed hard offline tests with hugetlb pages, a deadlock occurred as follows:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: workqueue: The issue related to the selection of wake_cpu in kick_pool() has been fixed. With cpu_possible_mask=0-63 and cpu_online_mask=0-7, the following kernel error was observed: smp: Bringing up secondary CPUs… smp: Brought up 1 nod...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: sched/smt: Fixed the imbalance in sched_smt_present. I received the following warning during the stress test: jump label: negative count! WARNING: CPU: 3, PID: 38, at kernel/jump_label.c:263, static_key_slow_try_dec+0x9d/0xb0 Call Trace...
Secret Stealing Attacks on Local LLM Fine-Tuning through Supply-Chain Model Code Backdoors
Local fine-tuning datasets routinely contain sensitive secrets such as API keys, personal identifiers, and financial records. Although "local offline fine-tuning" is often viewed as a privacy boundary, we reveal that compromised model code is sufficient to steal them. Current passive...
ExploitSense
ExploitSense is a local-first vulnerability anal...
Sentinal-ai
Free, offline...
SNF - Shadow Network Fingerprinting Engine
SNF Shadow Network Fingerprinting Engine is a 100% offline, air-gap-native passive network intelligence engine written entirely in Rust. It was designed from the ground up for environments where outbound connectivity is not just unavailable but prohibited: classified defense networks, nuclear...
[SECURITY] Fedora 44 Update: zeal-0.8.0-2.fc44
Zeal is a simple offline documentation browser inspired by Dash...
Ghost in the Agent: Redefining Information Flow Tracking for LLM Agents
Autonomous Large Language Model (LLM) agents are increasingly deployed to conduct complex tasks by interacting with external tools, APIs, and memory stores. However, processing untrusted external data exposes these agents to severe security threats, such as indirect prompt injection and unauthorize...
Nimiq Security Vulnerability
Nimiq is an open-source implementation of the Albatross protocol in Rust. Versions of Nimiq prior to 1.3.0 contained a security vulnerability. This vulnerability stemmed from the network-libp2p library’s use of the libp2p ConnectionHandler state machine. This handler assumes that each connection...