by EGI CSIRT | Jun 17, 2024 | News
France Grilles GIS organised a technical workshop from 3 to 5 June 2024. Baptiste Grenier, Senior Service Delivery Officer and Information Security Manager at the EGI Foundation, also member of EGI CSIRT, took part in the meeting with a presentation during the “Le...
by EGI CSIRT | Jun 7, 2024 | Activities, News
A HIGH risk vulnerability CVE-2024-2961 has been found concerning glibc where an out-of-bounds write flaw in the ISO-2022-CN-EXT plugin for glibc’s iconv library may allow remote code execution See: https://advisories.egi.eu/Advisory-EGI-SVG-2024-10
by EGI CSIRT | May 30, 2024 | News
NeIC Conference 2024 took place at Tallinn from 27th to 29th of May. In the Containers in HPC session, EGI-CSIRT had a talk on Secure Usage of Containers in the HPC environment. We have discussed the security aspects of using containers and the ways in which container...
by EGI CSIRT | May 28, 2024 | Advisories, News
A flaw was found in the Netfilter subsystem in the Linux kernel. This issue occurs in the nft_verdict_init() function, allowing positive values as a drop error within the hook verdict, therefore, the nf_hook_slow() function can cause a double-free vulnerability when...
by EGI CSIRT | May 21, 2024 | News
EGI-CSIRT participated in the ISC High Performance Conference 2024 with a presentation on User Namespaces, are they good, bad or evil? The use of user namespaces reduces the attack surface in the event of a compromise, it allows isolation of the workload, but the...
by EGI CSIRT | May 20, 2024 | Advisories, News
The Git project released new security bug-fix versions on May 14th, 2024: v2.45.1, v2.44.1, v2.43.4, v2.42.2, v2.41.1, v2.40.2, and v2.39.4: CVE-2024-32002: https://nvd.nist.gov/vuln/detail/CVE-2024-32002 CVE-2024-32004: https://nvd.nist.gov/vuln/detail/CVE-2024-32004...
Recent Comments