by EGI CSIRT | Apr 3, 2024 | Advisories, News
A CRITICAL risk vulnerability CVE-2024-3094 has been found in recent versions of xz data compression tools. Only a few Linux distributions use the versions affected, which does not include RHEL and its derivatives like RockyLinux and AlmaLinux. Hence most EGI sites...
by EGI CSIRT | Mar 15, 2024 | Advisories, News
HIGH risk vulnerability CVE-2023-51786 has been discovered in Lustre where users may gain access to files and/or folders which they should not have permission to access based on their user or group ID. This may lead to data compromise or possible privilege escalation....
by EGI CSIRT | Mar 7, 2024 | Advisories, News
RedHat released a new Kernel version, fixing multiple vulnerabilities in RHEL8, but also some in RHEL7 and RHEL9. CVE ID/CVSS Score : CVE-2023-4623/7.8 Affecting RHEL7, RHEL8, and RHEL9 CVE ID/CVSS Score : CVE-2023-4921/7.8 Affecting RHEL7 and RHEL8 CVE ID/CVSS Score...
by EGI CSIRT | Jan 24, 2024 | Advisories, News
An array indexing vulnerability CVE-2023-42753 was found in the netfilter subsystem of the Linux kernel, which may allow a local user to crash the system or potentially escalate their privileges on the system. PoC for this vulnerability is publicly available. Details...
by EGI CSIRT | Nov 22, 2023 | Advisories, News
A security vulnerability CVE-2023-23583 was found in some Intel processors potentially allowing privilege escalation, information disclosure and/or a denial of service via local access. See more about this vulnerability in our SVG Advisory.
by EGI CSIRT | Nov 15, 2023 | Advisories, News
HIGH risk buffer overflow vulnerability CVE-2023-4911 in GNU C Library’s dynamic loader ld.so which may lead to privilege escalation. [R 1] [R 2]. This affects RHEL8, RHEL9 and derivatives, but not RHEL7. More about this vulnerability and how to mitigate it, can be...
Recent Comments