EGI-CSIRT at NeIC Conference 2024

NeIC Conference 2024 took place at Tallinn from 27th to 29th of May. In the Containers in HPC session, EGI-CSIRT had a talk on Secure Usage of Containers in the HPC environment. We have discussed the security aspects of using containers and the ways in which container...

EGI-CSIRT at ISC 2024

EGI-CSIRT participated in the ISC High Performance Conference 2024 with a presentation on User Namespaces, are they good, bad or evil? The use of user namespaces reduces the attack surface in the event of a compromise, it allows isolation of the workload, but the...

Security bug-fixes in git

The Git project released new security bug-fix versions on May 14th, 2024: v2.45.1, v2.44.1, v2.43.4, v2.42.2, v2.41.1, v2.40.2, and v2.39.4: CVE-2024-32002: https://nvd.nist.gov/vuln/detail/CVE-2024-32002 CVE-2024-32004: https://nvd.nist.gov/vuln/detail/CVE-2024-32004...

High risk kernel vulnerabilities in RHEL9

There are a large number of CVE’s patched in this RHEL9 release, we have identified the 3 listed above as ‘HIGH’ risk according to our criteria (CVE-2023-6817, CVE-2024-0193, CVE-2024-0646). We have not investigated all the CVE’s in detail, and there is the...