by EGI CSIRT | Aug 26, 2024 | Advisories, News
There is a HIGH-risk vulnerability CVE-2024-5564 in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. Further information on this vulnerability can be found...
by EGI CSIRT | Aug 26, 2024 | Advisories, News
OpenSSH has a high-risk vulnerability that allows unauthenticated remote code execution due to a race condition in signal handling. The vulnerability only affects RHEL9 and derivatives. Check our SVG Advisory to learn more about this vulnerability.
by EGI CSIRT | Aug 26, 2024 | Advisories, News
A vulnerability CVE-2024-32498 has been found in QCOW2 image processing for Cinder, Glance and Nova. By supplying a specially created QCOW2 image which references a specific data file path, an authenticated user may convince systems to return a copy of that file...
by EGI CSIRT | Jul 30, 2024 | Advisories, News
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. For further details, please...
by EGI CSIRT | May 28, 2024 | Advisories, News
A flaw was found in the Netfilter subsystem in the Linux kernel. This issue occurs in the nft_verdict_init() function, which allows positive values as a drop error within the hook verdict. As a result, the nf_hook_slow() function can cause a double-free vulnerability when...
by EGI CSIRT | May 20, 2024 | Advisories, News
The Git project released new security bug-fix versions on May 14th, 2024: v2.45.1, v2.44.1, v2.43.4, v2.42.2, v2.41.1, v2.40.2, and v2.39.4: CVE-2024-32002: https://nvd.nist.gov/vuln/detail/CVE-2024-32002 CVE-2024-32004: https://nvd.nist.gov/vuln/detail/CVE-2024-32004...