by EGI CSIRT | Dec 2, 2022 | Advisories, News
The OpenSSL project have released OpenSSL 3.0.7 which is a security fix for the vulnerability CVE-2022-3602 which consists of a buffer overrun. The details of this vulnerability are available in the OpenSSL security advisory. SVG advisory is available here and...
by EGI CSIRT | Dec 2, 2022 | Advisories, News
A critical vulnerability has been found in device-mapper-multipath which may allow authorization bypass Details on this can be found here: https://www.qualys.com/2022/10/24/leeloo-multipath/leeloo-multipath.txt The vulnerability only affects hosts that are running...
by EGI CSIRT | Dec 1, 2022 | Advisories, News
A vulnerabilty has been found in the expat library which may allow remote code execution. Sites running Redhat or derivates should see https://access.redhat.com/security/cve/cve-2022-40674 Details about the SVG advisory can be found on the SVG advisories’...
by EGI CSIRT | Jul 28, 2022 | Advisories, News
Vulnerabilities CVE-2021-22040 and CVE-2021-22041 have been reported for the following programs: VMware ESX 6.5, 6.7, 7.0VMware Workstation 16.x < v16.2.1VMware Fusion 12.x < v12.2.1 Updates are available that contain a fix for those vulnerabilities. Details can...
by EGI CSIRT | Jul 7, 2022 | Advisories, News
A flaw was found in the way the “flags” member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could...
by EGI CSIRT | May 25, 2022 | Advisories, News
Slurm has fixed 3 vulnerabilities in their new release, including CVE-2022-29500 in the authentication handling which may allow un unprivileged user to impersonate the SlurmUser account. This vulnerability is considered as critical. The fix is available in versions...
Recent Comments