by EGI CSIRT | Oct 14, 2024 | Advisories, News
HIGH risk use-after-free vulnerability CVE-2024-36971 has been found in the Linux kernel’s network route management. This flaw allows an attacker to alter the behaviour of certain network connections. Sites are recommended to update the relevant software immediately....
by EGI CSIRT | Oct 14, 2024 | Advisories, News
Multiple vulnerabilities have been found in CUPS, CVE-2024-47176, CVE-2024-47076, CVE-2024-47175. These are HIGH risk vulnerabilities which may lead to remote code execution. CUPS is used for printing management, but in case any sites have this software installed,...
by EGI CSIRT | Oct 11, 2024 | Advisories, News
HIGH risk vulnerability has been found concerning the Java version of voms-proxy-init. During the proxy generation process it is possible for unauthorized users on the same machine to gain read access to the proxy. This allows the user to then perform any action that...
by EGI CSIRT | Oct 7, 2024 | News
The 2024 edition of the EGI Conference was held in Lecce from 30 September to 4 October. The program addressed several key issues, including data management, integrating diverse technologies, like high-throughput computing, cloud and high-performance computing...
by EGI CSIRT | Sep 12, 2024 | News
SLUBStick is a kernel exploit technique that elevates a heap vulnerability to an arbitrary memory read/write primitive. It works in several steps: first, it exploits a timing side channel of the allocator to reliably perform a cross-cache attack on commonly used...
Recent Comments