High risk vulnerability in Lustre

HIGH risk vulnerability CVE-2023-51786 has been discovered in Lustre where users may gain access to files and/or folders which they should not have permission to access based on their user or group ID. This may lead to data compromise or possible privilege escalation....

High risk Kernel vulnerabilities in RHEL8

RedHat released a new Kernel version, fixing multiple vulnerabilities in RHEL8, but also some in RHEL7 and RHEL9. CVE ID/CVSS Score : CVE-2023-4623/7.8 Affecting RHEL7, RHEL8, and RHEL9 CVE ID/CVSS Score : CVE-2023-4921/7.8 Affecting RHEL7 and RHEL8 CVE ID/CVSS Score...

EGI-CSIRT at OCSC24 conference

EGI-CSIRT participated in the Open CyberSecurity Conference 2024 in Tenerife, where we spoke about the Security Challenge, which took place in 2023 and involved around 100 grid sites around the world. The presentation, titled Simulation of a large-scale security...

EGI CSIRT Workshop on Information Security Risk management

On the 13th and 14th of February, EGI CSIRT organised a Workshop on Information Security Risk management, which took place in Amsterdam. Information security risk management (ITSRM) is a crucial process for identifying, assessing, and mitigating the risks that...

Leaky Vessels: HIGH risk vulnerability in runc

A vulnerability CVE-2024-21626 in a core container infrastructure component,  ‘runc’ has been discovered, that allows container escapes. An attacker could use these container escapes to gain unauthorized access to the underlying host operating system from...