CVE-2022-50118

In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Optimize clearing the pending PMI and remove WARNON for PMI check in powerpmudisable commit 2c9ac51b850d "powerpc/perf: Fix PMU callbacks to clear pending PMI before resetting an overflown PMC" added a new function...

CVE-2022-50118

CVE-2022-50118 describes a Linux kernel issue in the PowerPC perf PMU path. A new pmi_irq_pending check in hw_irq.h is used by power_pmu_disable to warn if PMI is pending when no counter overflows. The patch set removes the WARN_ON for PMI in this scenario and adds an optimization to clear pendin...

CVE-2022-50118

In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Optimize clearing the pending PMI and remove WARNON for PMI check in powerpmudisable commit 2c9ac51b850d "powerpc/perf: Fix PMU callbacks to clear pending PMI before resetting an overflown PMC" added a new function...

CVE-2022-50118 powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for PMI check in power_pmu_disable

In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Optimize clearing the pending PMI and remove WARNON for PMI check in powerpmudisable commit 2c9ac51b850d "powerpc/perf: Fix PMU callbacks to clear pending PMI before resetting an overflown PMC" added a new function...

CVE-2022-50100

CVE-2022-50100 affects the Linux kernel sched/core: Do not requeue a task on a CPU excluded from cpus_mask. The issue arises from a ttwu wakeup optimization that could queue a task on the wrong CPU, triggering an early-boot warning on large machines. The commit c6e7bd7afaeb implements a fix by en...

CVE-2025-38008

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: fix race condition in unaccepted memory handling The page allocator tracks the number of zones that have unaccepted memory using staticbranchenc/dec and uses that static branch in hot paths to determine if it needs ...

CVE-2025-38048 virtio_ring: Fix data race by tagging event_triggered as racy for KCSAN

In the Linux kernel, the following vulnerability has been resolved: virtioring: Fix data race by tagging eventtriggered as racy for KCSAN syzbot reports a data-race when accessing the eventtriggered, here is the simplified stack when the issue occurred:...

TencentOS Server 2: firefox (TSSA-2024:0123)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0123 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

TimberStrike: Dataset Reconstruction Attack Revealing Privacy Leakage in Federated Tree-Based Systems

Federated Learning has emerged as a privacy-oriented alternative to centralized Machine Learning, enabling collaborative model training without direct data sharing. While extensively studied for neural networks, the security and privacy implications of tree-based models remain underexplored. This...

TooBadRL: Trigger Optimization to Boost Effectiveness of Backdoor Attacks on Deep Reinforcement Learning

Deep reinforcement learning DRL has achieved remarkable success in a wide range of sequential decision-making domains, including robotics, healthcare, smart grids, and finance. Recent research demonstrates that attackers can efficiently exploit system vulnerabilities during the training phase to...

BIT-MARIADB-MIN-2023-52969

MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., and 11.0 through 11.0. can sometimes crash with an empty backtrace log. This may be related to makeaggrtablesinfo and optimizestage2...

firefox: thunderbird: Out-of-bounds access when optimizing linear sums

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker could perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes...

firefox: thunderbird: Out-of-bounds access when optimizing linear sums

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker could perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes...

Obfuscation-Resilient Binary Code Similarity Analysis Using Dominance Enhanced Semantic Graph

Binary code similarity analysis BCSA serves as a core technique for binary analysis tasks such as vulnerability detection. While current graph-based BCSA approaches capture substantial semantics and show strong performance, their performance suffers under code obfuscation due to the unstable...

Breaking the Gaussian Barrier: Residual-PAC Privacy for Automatic Privatization

The Probably Approximately Correct PAC Privacy framework 1 provides a powerful instance-based methodology for certifying privacy in complex data-driven systems. However, existing PAC Privacy algorithms rely on a Gaussian mutual information upper bound. We show that this is in general too...

When Blockchain Meets Crawlers: Real-Time Market Analytics in Solana NFT Markets

In this paper, we design and implement a web crawler system based on the Solana blockchain for the automated collection and analysis of market data for popular non-fungible tokens NFTs on the chain. Firstly, the basic information and transaction data of popular NFTs on the Solana chain are...

Heterogeneous Secure Transmissions in IRS-Assisted NOMA Communications: CO-GNN Approach

Intelligent Reflecting Surfaces IRS enhance spectral efficiency by adjusting reflection phase shifts, while Non-Orthogonal Multiple Access NOMA increases system capacity. Consequently, IRS-assisted NOMA communications have garnered significant research interest. However, the passive nature of the...

Amazon Linux 2023 : mariadb105, mariadb105-backup, mariadb105-common (ALAS2023-2025-990)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-990 advisory. MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., and 11.0 through 11.0. can sometimes crash with an empty backtrace log. This may be related to makeaggrtablesinfo and...

A Systematic Review of Metaheuristics-Based and Machine Learning-Driven Intrusion Detection Systems in IoT

The widespread adoption of the Internet of Things IoT has raised a new challenge for developers since it is prone to known and unknown cyberattacks due to its heterogeneity, flexibility, and close connectivity. To defend against such security breaches, researchers have focused on building...

MISLEADER: Defending against Model Extraction with Ensembles of Distilled Models

Model extraction attacks aim to replicate the functionality of a black-box model through query access, threatening the intellectual property IP of machine-learning-as-a-service MLaaS providers. Defending against such attacks is challenging, as it must balance efficiency, robustness, and utility...