Communication-Optimal Blind Quantum Protocols

A user, Alice, wants to get server Bob to implement a quantum computation for her. However, she wants to leave him blind to what she's doing. What are the minimal communication resources Alice must use in order to achieve information-theoretic security? In this paper, we consider a single step of...

AZL-69887 CVE-2025-37822 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: riscv: uprobes: Add missing fence.i after building the XOL buffer The XOL execute out-of-line buffer is used to single-step the replaced instructions for uprobes. The RISC-V port was missing a proper fence.i i$ flushing after...

Quantifying the Noise of Structural Perturbations on Graph Adversarial Attacks

Graph neural networks have been widely utilized to solve graph-related tasks because of their strong learning power in utilizing the local information of neighbors. However, recent studies on graph adversarial attacks have proven that current graph neural networks are not robust against malicious...

UBUNTU-CVE-2025-21894

In the Linux kernel, the following vulnerability has been resolved: net: enetc: VFs do not support HWTSTAMPTXONESTEPSYNC Actually ENETC VFs do not support HWTSTAMPTXONESTEPSYNC because only ENETC PF can access PMaSINGLESTEP registers. And there will be a crash if VFs are used to test one-step...

From Spring Cloud Data Flow 2.11.x to 3.0

Dear Spring Community, With the recent announcement of Spring Framework 7.0 and Spring Boot 4.0, the Spring Cloud Data Flow team is pleased to announce the next major release, SCDF 3.0, to align with both Spring Framework 7.0 and Spring Boot 4.0. This will bring the following SCDF ecosystem of...

SUSE CVE-2024-42240

In the Linux kernel, the following vulnerability has been resolved: x86/bhi: Avoid warning in DB handler due to BHI mitigation When BHI mitigation is enabled, if SYSENTER is invoked with the TF flag set then entrySYSENTERcompat uses CLEARBRANCHHISTORY and calls the clearbhbloop before the TF flag...

AZL-47528 CVE-2024-42240 affecting package kernel for versions less than 6.6.43.1-7

In the Linux kernel, the following vulnerability has been resolved: x86/bhi: Avoid warning in DB handler due to BHI mitigation When BHI mitigation is enabled, if SYSENTER is invoked with the TF flag set then entrySYSENTERcompat uses CLEARBRANCHHISTORY and calls the clearbhbloop before the TF flag...

SUSE CVE-2021-47006

In the Linux kernel, the following vulnerability has been resolved: ARM: 9064/1: hwbreakpoint: Do not directly check the event's overflowhandler hook The commit 1879445dfa7b "perf/core: Set event's default ::overflowhandler" set a default event-overflowhandler in perfeventalloc, and replace the...

UBUNTU-CVE-2021-47006

In the Linux kernel, the following vulnerability has been resolved: ARM: 9064/1: hwbreakpoint: Do not directly check the event's overflowhandler hook The commit 1879445dfa7b "perf/core: Set event's default ::overflowhandler" set a default event-overflowhandler in perfeventalloc, and replace the...

CVE-2021-46957

In the Linux kernel, the following vulnerability has been resolved: riscv/kprobe: fix kernel panic when invoking sysread traced by kprobe The execution of sysread end up hitting a BUGON in findgetblock after installing kprobe at sysread, the BUG message like the following: 65.708663 ------------...

Spoofing

In the Linux kernel, the following vulnerability has been resolved: riscv/kprobe: fix kernel panic when invoking sysread traced by kprobe The execution of sysread end up hitting a BUGON in findgetblock after installing kprobe at sysread, the BUG message like the following: 65.708663 ------------...

CVE-2021-46957 riscv/kprobe: fix kernel panic when invoking sys_read traced by kprobe

In the Linux kernel, the following vulnerability has been resolved: riscv/kprobe: fix kernel panic when invoking sysread traced by kprobe The execution of sysread end up hitting a BUGON in findgetblock after installing kprobe at sysread, the BUG message like the following: 65.708663 ------------...

Bread - BIOS Reverse Engineering And Advanced Debugging

BREAD BIOS Reverse Engineering & Advanced Debugging is an 'injectable' real-mode x86 debugger that can debug arbitrary real-mode code on real HW from another PC via serial cable. Introduction BREAD emerged from many failed attempts to reverse engineer legacy BIOS. Given that the vast majority -- ...

SUSE CVE-2007-3731

The Linux kernel 2.6.20 and 2.6.21 does not properly handle an invalid LDT segment selector in %cs the xcs field during ptrace single-step operations, which allows local users to cause a denial of service NULL dereference and OOPS via certain code that makes ptrace PTRACESETREGS and...

Single-step process for critical ownership transfer/renounce is risky

Lines of code Vulnerability details Single-step process for critical ownership transfer/renounce is risky Impact The following contracts and functions, allow owners to interact with core functions such as: execute, rawExecute and setApproval in OwnableSmartWallet registerKnotsToSyndicate,...

Upgraded Q -> M from 264 [1663928566317]

Judge has assessed an item in Issue 264 as Medium risk. The relevant finding follows: L-05 Single-step Vetoer transfer is unsafe If the newVetoer is set to the incorrect address, the functionality will be unretrievable. 1 instance of this issue has been found: L-05 NounsDAOLogicV2.solL839-L845...

Single-step process for critical admin transfer is risky

Handle 0xRajeev Vulnerability details Impact LongShort and Staker contracts have the notion of an “admin” address that is used within onlyAdmin or adminOnly modifiers for granting authorization to critical functions. Such contracts use a single-step ownership transfer of such admin addresses usin...

Citrix SD-WAN Warning: EE provisioning error WAN Optimization is not provisioned. Please use single step upgrade to upgrade your network and schedule installation

After an upgrade to version 10.x the following Warning message is displayed in the GUI:...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4098)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-4098 advisory. kernel-uek 3.8.13-118.20.7 - x86/entry/64: Dont use IST entry for BP stack Andy Lutomirski CVE-2018-8897 Tenable has extracted the preceding description blo...

CVE-2018-8897

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual SDM was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for DB exceptions that are deferred by MOV SS or POP SS, as demonstrated ...