All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
This post explores bpfcc-tools, a collection of existing BPF (Berkeley Packet Filter, a technology that runs custom programs inside the Linux kernel) programs used for system performance monitoring and observability. The author explains that BPF tools are becoming increasingly common in production environments because they're useful for analyzing system behavior without requiring custom code.
This post discusses detection strategies for identifying malicious use of BPF (Berkeley Packet Filter, a technology that allows programs to run safely inside the Linux kernel), specifically focusing on bpftrace (a tool for tracing system events using BPF). The author is exploring how attackers might misuse BPF and what defensive approaches Blue Teams (security defenders) could use to catch such misuse.
ACCEL-PPP version 1.12.0 contains an out-of-bounds read vulnerability (CWE-125, a bug where software tries to access memory beyond its allowed range) in a function called triton_context_schedule that triggers when a client disconnects after successfully authenticating. This flaw has a CVSS severity score of 4.0, indicating moderate severity.
This post describes how to use bpftrace (a tool for tracing Linux kernel events) to create a backdoor that executes commands when it receives a specific secret message on any port. The author explains how to use enter and exit trace points (hooks into when functions start and finish) to capture data from network reads, then compare that data against a trigger message to run malicious commands.
This post explores how bpftrace, a tool for running BPF programs (eBPF, extended Berkeley Packet Filter, which lets programs monitor and modify system behavior at a low kernel level), could potentially be misused to create backdoors by observing network traffic and triggering malicious actions. The author is studying this offensive technique to better understand security threats and help defenders recognize such attacks.
eBPF (extended Berkeley Packet Filter, a technology that lets users run small programs inside the Linux kernel without modifying kernel source code) is gaining attention for offensive security uses because it can hook into system calls, manipulate data, and even run on network hardware. The article introduces eBPF's structure (programs, maps, and events) and explains how attackers could potentially exploit its flexibility and power to hook into system functions, modify data, and spawn processes.
ParlAI, a framework for training AI models on dialogue datasets, has a vulnerability where it unsafely loads YAML files (a data format), allowing attackers to execute arbitrary code on affected systems. The vulnerability occurs because the framework uses an unsafe YAML loader that can be tricked into running malicious code hidden in data files.
This is a 25-minute educational video covering the foundational concepts needed to understand web application security. It explains the basic building blocks of web applications, such as HTML, HTTP, JavaScript, and cookies, as well as core security concepts like the Same-Origin Policy (a rule that prevents websites from accessing each other's data without permission). The video prepares viewers to understand common security vulnerabilities like XSS (cross-site scripting, where attackers inject malicious code into web pages), CSRF (cross-site request forgery, where attackers trick users into performing unwanted actions), and SQLi (SQL injection, where attackers insert malicious database commands into input fields).
On Linux systems, users with uid=0 (user identifier zero) have root privileges, which bypass all security checks. An attacker can create a new account or modify an existing one to have uid=0 by editing the /etc/passwd file or using commands like 'usermod -u 0', giving them complete system control.
TensorFlow, an open-source machine learning platform, had a bug where certain shape functions created temporary data structures (ShapeAndType structs) that were deleted too quickly, causing crashes (segfaults, or sudden program failures) if other code tried to access them. The issue was that while normal output shapes were being protected by copying them to safer ownership, the code wasn't doing the same protection for shapes and types together.
TensorFlow (an open source machine learning platform) had a bug where Go code could crash the program during memory cleanup of string tensors if encoding failed. The problem occurred because the cleanup process assumed encoding always succeeded, but didn't check whether it actually did.
TensorFlow, an open-source machine learning platform, has a vulnerability where an attacker can create a specially crafted TFLite model (a lightweight version of TensorFlow for mobile and embedded devices) that causes a division by zero error (a crash that happens when code tries to divide a number by zero) in its LSH projection feature. This flaw affects multiple versions of TensorFlow.
TensorFlow Lite (TFLite, a lightweight version of TensorFlow for mobile and embedded devices) has a vulnerability in its `GatherNd` and `Gather` operations that fail to check for negative indices. An attacker can exploit this by creating a specially designed model with negative values to read sensitive data from the heap (temporary memory storage), potentially exposing private information.
TensorFlow, an open source machine learning platform, has a vulnerability in TFLite (TensorFlow Lite, a lightweight version for mobile devices) where a negative `axis` parameter value can cause the software to read data outside the intended memory area. This could potentially expose sensitive information or crash the program.
TensorFlow (an open source platform for machine learning) has a vulnerability in its pooling operations where the code doesn't check if divisors are zero before dividing, which can cause crashes. The issue has been patched and will be included in upcoming versions of TensorFlow.
TensorFlow, a popular machine learning platform, has a vulnerability in its division operation in TFLite (a lightweight version for mobile devices) where it doesn't check if the divisor (the number you're dividing by) is zero, which can cause crashes. The issue has been fixed and will be available in several updated versions of the software.
TensorFlow, an open-source machine learning platform, has a vulnerability in TFLite (TensorFlow Lite, a lightweight version for mobile devices) where operations using quantization (a technique that reduces model size by using lower-precision numbers) can accidentally use uninitialized values because the code doesn't properly check whether quantization settings are valid before using them. This could cause unpredictable behavior in machine learning models running on mobile or embedded devices.
TensorFlow has a vulnerability where nesting `tf.map_fn` (a function that applies operations to tensor elements) calls with RaggedTensor inputs (tensors with variable row lengths) and no function signature can leak uninitialized memory from the heap and potentially cause data loss. The bug occurs because the code doesn't verify that inner tensor shapes match when converting from a Variant tensor to a RaggedTensor.
TensorFlow and Keras had a security flaw where loading machine learning models from YAML files (a text format for storing data) could let attackers run arbitrary code (any commands they want) on a system. The problem was caused by using an unsafe YAML parser that doesn't validate what code it runs.
Fix: Update ParlAI to version v1.1.0 or above. If upgrading is not possible, change the Loader to SafeLoader as a workaround. See commit 507d066ef432ea27d3e201da08009872a2f37725 for details.
NVD/CVE Database
This post describes Microsoft Counterfit, a tool for testing machine learning models against adversarial attacks (subtle modifications to input data designed to fool AI systems). The author demonstrates how to set up Counterfit, create a custom target for a husky image classifier, and use the tool's built-in attack modules to test the model's robustness.
Fix: The issue was patched in GitHub commit ee119d4a498979525046fba1c3dd3f13a039fbb1 and fixed by applying the same cloning logic to output shapes and types. The fix is included in TensorFlow 2.6.0, and was also backported (added to earlier versions) in TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4.
NVD/CVE Database
Fix: The fix defers calling the finalizer function (the cleanup code) until after the tensor is fully created, and changes how memory is deallocated for string tensors to be based on bytes actually written rather than assuming encoding succeeded. This was patched in GitHub commit 8721ba96e5760c229217b594f6d2ba332beedf22 and will be included in TensorFlow 2.6.0 and will be backported to TensorFlow 2.5.1.
NVD/CVE Database
Fix: The issue has been patched in GitHub commit 0575b640091680cfb70f4dd93e70658de43b94f9. The fix will be included in TensorFlow 2.6.0 and will also be backported (applied to older versions) to TensorFlow 2.5.1, 2.4.3, and 2.3.4.
NVD/CVE Database
Fix: The issue was patched in GitHub commits bb6a0383ed553c286f87ca88c207f6774d5c4a8f and eb921122119a6b6e470ee98b89e65d721663179d. The fix is included in TensorFlow 2.6.0 and will be backported to TensorFlow 2.5.1, 2.4.3, and 2.3.4.
NVD/CVE Database
Fix: The issue was patched in GitHub commit d94ffe08a65400f898241c0374e9edc6fa8ed257. The fix is included in TensorFlow 2.6.0 and was also applied to TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4.
NVD/CVE Database
Fix: Update to TensorFlow 2.6.0, or apply the patch from GitHub commit dfa22b348b70bb89d6d6ec0ff53973bacb4f4695. If you cannot upgrade to 2.6.0, use patched versions 2.5.1, 2.4.3, or 2.3.4 (these versions will receive the fix via cherrypick).
NVD/CVE Database
Fix: The fix is included in TensorFlow 2.6.0. It will also be backported (applied to older versions still receiving support) in TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4. Users should update to one of these patched versions.
NVD/CVE Database
Fix: The issue has been patched in GitHub commits 537bc7c723439b9194a358f64d871dd326c18887, 4a91f2069f7145aab6ba2d8cfe41be8a110c18a5, and 8933b8a21280696ab119b63263babdb54c298538. The fix is included in TensorFlow 2.6.0 and has been backported to TensorFlow 2.5.1, 2.4.3, and 2.3.4.
NVD/CVE Database
Fix: The issue was patched in GitHub commit 4e2565483d0ffcadc719bd44893fb7f609bb5f12. The fix is included in TensorFlow 2.6.0 and was also backported (applied to earlier versions) in TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4.
NVD/CVE Database
Fix: The TensorFlow team removed YAML format support entirely and patched the issue in GitHub commit 23d6383eb6c14084a8fc3bdf164043b974818012. The fix is included in TensorFlow 2.6.0, and will also be backported (applied to older versions) in TensorFlow 2.5.1, 2.4.3, and 2.3.4.
NVD/CVE Database