by EGI CSIRT | Apr 21, 2023 | Advisories, News
A race condition was found in the Linux kernel’s mm/mremap memory address space accounting implementation, leading to a use-after-free vulnerability. This flaw allows a local user to cause a system crash or potentially escalate their privileges on the system. On RHEL...
by EGI CSIRT | Apr 11, 2023 | Advisories, News
Kernel updates have been released which fix among others 2 High risk kernel vulnerabilities. Of these 2, one only affects RHEL 9 and its derivatives, while the other affects both RHEL 8 and RHEL9 and their derivatives if a GPU is present. Sites running RHEL 7 and...
by EGI CSIRT | Apr 11, 2023 | Advisories, News
The vRealize Log Insight contains a Directory Traversal Vulnerability. VMware has evaluated the severity of this issue to be in the critical severity range with a maximum CVSSv3 base score of 9.8. An unauthenticated, malicious actor can inject files into the operating...
by EGI CSIRT | Apr 11, 2023 | Advisories, News
A flaw was found in Swift’s S3 XML parser. By supplying specially crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data. See...
by EGI CSIRT | Apr 3, 2023 | Advisories, News
NVIDIA has announced several vulnerabilities in the NVIDIA GPU display driver. Affected sites should upgrade as soon as possible. See more in the Advisory-SVG-CVE-2023-0189
by EGI CSIRT | Feb 25, 2023 | Advisories
We would like to announce the upcoming OpenSSL update which fixes multiple vulnerabilities, including CVE-2023-0286 which OpenSSL rates as High risk. You can find more information in the Advisory-SVG-CVE-2023-0286
Recent Comments