Multiple kernel vulnerabilities in RHEL7, RHEL8 and RHEL9.

Multiple high kernel vulnerabilities were fixed in RHEL7, RHEL8 and RHEL9. CVEs affecting RHEL9 only: CVE ID/CVSS Score: CVE-2023-3610/7.8; CVE ID/CVSS Score: CVE-2023-4147/7.8; CVE ID/CVSS Score: CVE-2023-31248/7.8. CVEs affecting RHEL9 and RHEL8: CVE ID/CVSS...

Critical vulnerability (CVE-2023-32233) in Netfilter nf_tables

A use-after-free flaw was found in Netfilter nf_tables (net/netfilter/nf_tables_api.c) in the Linux kernel; the assigned CVE is CVE-2023-32233. In order to exploit this flaw, the attacker must have CAP_NET_ADMIN privileges and be able to manipulate netfilter entries....

Thematic CERN school of computing on Security 2023

EGI CSIRT took part in the Thematic CERN school of computing on Security, which took place from 8th to 14th of October in Split. The school is offered to people working in academia and research institutes, who need to tackle security in their work and provide...

Recommendations to enhance security

Based on recent incidents in the EGI environment, we would like to point out some of the guidelines and best practices to enhance the security resilience of the resource providers. Prevention Central logging: Ensure that logs are collected centrally by a remote...

Vulnerability in OpenIDC/cjose (CVE-2023-37464)

A high-risk vulnerability was found in cjose. cjose is a C library implementing JavaScript Object Signing and Encryption (JOSE), on which mod_auth_openidc depends. The AES GCM decryption routine incorrectly uses the tag length from the actual Authentication Tag...
