MAL-2025-4667 Malicious code in checkout-sparse (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7f5576b93b0dbfc8f72fa10da0b8b43e6ba0e801c71d51807996063ee1f73f84 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in checkout-sparse (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7f5576b93b0dbfc8f72fa10da0b8b43e6ba0e801c71d51807996063ee1f73f84 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Weak-Jamming Detection in IEEE 802.11 Networks: Techniques, Scenarios and Mobility

State-of-the-art solutions detect jamming attacks ex-post, i.e., only when jamming has already disrupted the wireless communication link. In many scenarios, e.g., mobile networks or static deployments distributed over a large geographical area, it is often desired to detect jamming at the early...

CVE-2022-29206

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.SparseTensorDenseAdd does not fully validate the input arguments. In this case, a reference gets bound to a nullptr during kernel execution. This is...

CVE-2021-29545

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in converting sparse tensors to CSR Sparse matrices. This is because the...

GSDFuse: Capturing Cognitive Inconsistencies from Multi-Dimensional Weak Signals in Social Media Steganalysis

The ubiquity of social media platforms facilitates malicious linguistic steganography, posing significant security risks. Steganalysis is profoundly hindered by the challenge of identifying subtle cognitive inconsistencies arising from textual fragmentation and complex dialogue structures, and th...

Adversarially Robust Spiking Neural Networks with Sparse Connectivity

Deployment of deep neural networks in resource-constrained embedded systems requires innovative algorithmic solutions to facilitate their energy and memory efficiency. To further ensure the reliability of these systems against malicious actors, recent works have extensively studied adversarial...

Remote Rowhammer Attack Using Adversarial Observations on Federated Learning Clients

Federated Learning FL has the potential for simultaneous global learning amongst a large number of parallel agents, enabling emerging AI such as LLMs to be trained across demographically diverse data. Central to this being efficient is the ability for FL to perform sparse gradient updates and...

Enhanced Outsourced and Secure Inference for Tall Sparse Decision Trees

A decision tree is an easy-to-understand tool that has been widely used for classification tasks. On the one hand, due to privacy concerns, there has been an urgent need to create privacy-preserving classifiers that conceal the user's input from the classifier. On the other hand, with the rise of...

Cluster-Aware Attacks on Graph Watermarks

Data from domains such as social networks, healthcare, finance, and cybersecurity can be represented as graph-structured information. Given the sensitive nature of this data and their frequent distribution among collaborators, ensuring secure and attributable sharing is essential. Graph...

CVE-2021-37635

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of sparse reduction operations in TensorFlow can trigger accesses outside of bounds of heap allocated data. The implementation fails to validate that each reduction group does not overfl...

SUSE CVE-2024-57881

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: don't call pfntopage on possibly non-existent PFN in splitlargebuddy In splitlargebuddy, we might call pfntopage on a PFN that might not exist. In corner cases, such as when freeing the highest pageblock in the last...

CVE-2024-57881 mm/page_alloc: don't call pfn_to_page() on possibly non-existent PFN in split_large_buddy()

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: don't call pfntopage on possibly non-existent PFN in splitlargebuddy In splitlargebuddy, we might call pfntopage on a PFN that might not exist. In corner cases, such as when freeing the highest pageblock in the last...

PT-2025-3670

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74 Description The issue is related to the calculation of the virtual address of vmemmap in the sparse vmemmap model. The virtual address is calculated as struct page VMEMMAP START - phys ram base PAGE SHIFT,...

PT-2025-42737

Name of the Vulnerable Software and Affected Versions golang versions 1.15 golang versions 1.19 Description An issue exists in the archive/tar package within golang that involves an unbounded allocation during the parsing of GNU sparse map files. This can lead to excessive memory consumption and...

SUSE CVE-2024-56710

In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in cephdirectreadwrite The bvecs array which is allocated in itergetbvecsalloc is leaked and pages remain pinned if cephallocsparseextmap fails. There is no need to delay the allocation of sparseext map unti...

UBUNTU-CVE-2024-56710

In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in cephdirectreadwrite The bvecs array which is allocated in itergetbvecsalloc is leaked and pages remain pinned if cephallocsparseextmap fails. There is no need to delay the allocation of sparseext map unti...

CVE-2024-56710 ceph: fix memory leak in ceph_direct_read_write()

In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in cephdirectreadwrite The bvecs array which is allocated in itergetbvecsalloc is leaked and pages remain pinned if cephallocsparseextmap fails. There is no need to delay the allocation of sparseext map unti...

CVE-2024-56673 riscv: mm: Do not call pmd dtor on vmemmap page table teardown

In the Linux kernel, the following vulnerability has been resolved: riscv: mm: Do not call pmd dtor on vmemmap page table teardown The vmemmap's, which is used for RV64 with SPARSEMEMVMEMMAP, page tables are populated using pmd page middle directory hugetables. However, the pmd allocation is not...

[SECURITY] Fedora 41 Update: ColPack-1.0.10-25.fc41

ColPack is a package comprising of implementation of algorithms for specialized vertex coloring problems that arise in sparse derivative computation. It is written in an object-oriented fashion heavily using the Standard Template Library STL. It is designed to be simple, modular, extendable and...