by EGI CSIRT | Oct 7, 2024 | News
The 2024 edition of the EGI Conference was held in Lecce from 30 September to 4 October. The program addressed several key issues, including data management, integrating diverse technologies, like high-throughput computing, cloud and high-performance computing...
by EGI CSIRT | Sep 12, 2024 | News
SLUBStick is a kernel exploit technique that elevates a heap vulnerability to an arbitrary memory read/write primitive. It works in several steps: first, it exploits a timing side channel of the allocator to reliably perform a cross-cache attack on commonly used...
by EGI CSIRT | Sep 11, 2024 | Advisories, News
A critical vulnerability CVE-2024-41110 has been found in Docker Authorization that could allow an attacker to bypass authorization plugins (AuthZ) under specific circumstances. See our SVG Advisory for further details.
by EGI CSIRT | Aug 26, 2024 | Advisories, News
There is a HIGH-risk vulnerability CVE-2024-5564 in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. Further information on this vulnerability can be found...
by EGI CSIRT | Aug 26, 2024 | Advisories, News
OpenSSH has a high-risk vulnerability, allowing an Unauthenticated Remote Code Execution due to a race condition in signal handling. The vulnerability only affects RHEL9 and derivates. Check our SVG Advisory to learn more about this vulnerability.
by EGI CSIRT | Aug 26, 2024 | Advisories, News
A vulnerability CVE-2024-32498 has been found in QCOW2 image processing for Cinder, Glance and Nova. By supplying a specially created QCOW2 image which references a specific data file path, an authenticated user may convince systems to return a copy of that file...
Recent Comments