Two Linux kernel vulnerabilities: CVE-2021-4028, CVE-2021-4083
2 flaws were found in the linux kernel (CVE-2021-4028, CVE-2021-4083). Both may allow privilege escalation on the system. Eventhough the exploit is not very likely to happen, sites are advised to upgrade the kernel asap. SVG advisory is published on this page.
Vulnerabilities concerning expat XML parser
Vulnerabilities have been found concerning the expat XML parser, including two which may lead to arbitrary code execution (CVE-2022-25235, CVE-2022-25236). The expat XML parser is a library, written in C, which is a dependency for various other software. Details are...
Critical risk vulnerabilities in Java 15 and later
A vulnerability has been found in Java (CVE-2022-21449), involving Improper Verification of Cryptographic Signature. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data. The details can be...
DOS Vulnerability in OpenSSL – CVE-2022-0778
A DoS vulnerability has been announced in OpenSSL (CVE-2022-0778), affecting OpenSSL versions 1.0.2, 1.1.0, 1.1.1 and 3.0. EGI SVG considers this vulnerability to have a limited risk to EGI sites. For more details, read our advisory.
IT forensics for System Administrators
GEANT will deliver another online training programme IT Forensics for System Administrators - Part 2, which consists of 5 sessions and will run from 27th of April to 30th of May 2022. The registration is open: https://events.geant.org/event/1194 One of the sessions,...
HTCondor Security Release: 8.8.16, 9.0.10, and 9.6.0
New versions of HTCondor have been released to address three security vulnerabilities, sites that are running HTCondor as local batch system should upgrade as soon as possible. References:...
