by EGI CSIRT | May 13, 2022 | Advisories, News
2 flaws were found in the linux kernel (CVE-2021-4028, CVE-2021-4083). Both may allow privilege escalation on the system. Eventhough the exploit is not very likely to happen, sites are advised to upgrade the kernel asap. SVG advisory is published on this...
by EGI CSIRT | May 1, 2022 | Advisories, News
Vulnerabilities have been found concerning the expat XML parser, including two which may lead to arbitrary code execution (CVE-2022-25235, CVE-2022-25236). The expat XML parser is a library, written in C, which is a dependency for various other software. Details are...
by EGI CSIRT | Apr 26, 2022 | Advisories, News
A vulnerability has been found in Java (CVE-2022-21449), involving Improper Verification of Cryptographic Signature. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data. The details can be...
by EGI CSIRT | Apr 22, 2022 | Advisories, News
A DoS vulnerability has been announced in OpenSSL (CVE-2022-0778), affecting OpenSSL versions 1.0.2, 1.1.0, 1.1.1 and 3.0. EGI SVG considers this vulnerability to have a limited risk to EGI sites. For more details, read our advisory.
by EGI CSIRT | Apr 17, 2022 | Advisories, News
New versions of HTCondor have been released to address three security vulnerabilities, sites that are running HTCondor as local batch system should upgrade as soon as possible. References:...
by EGI CSIRT | Feb 26, 2022 | Advisories, News
A privilege escalation vulnerability CVE-2021-4034 has been discovered on polkit’s pkexec utility – a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. A temporary mitigation is to remove...
Recent Comments