EGI SVG Advisories

Advisories for 2017

Recent Advisories

| Date | Title | Contents/Link | Risk | Status |
|---|---|---|---|---|
| 2017-12-07 | Various Intel Vulnerabilities | Advisory-SVG-CVE-2017-5712 | (Alert) | Fixed |
| 2017-11-02 | SLURM privilege escalation vulnerability | Advisory-SVG-CVE-2017-15566 | Critical | Fixed |
| 2017-11-02 | Tomcat remote execution vulnerability in non-standard configurations | Advisory-SVG-CVE-2017-12615 | (Alert) | Fixed |
| 2017-10-27 | Kernel exploit affecting small number of configurations | Advisory-SVG-CVE-2017-7184 | Up to critical | Fixed |
| 2017-10-10 | dnsmasq multiple vulnerabilities | Advisory-SVG-CVE-2017-14491 | Up to High | Fixed |
| 2017-10-10 | Apache Struts vulnerabilities | Advisory-SVG-CVE-2017-12611 | (Information) | Fixed |
| 2017-10-10 | VMware Out-of-bounds write vulnerability in SVGA | Advisory-SVG-CVE-2017-4924 | (Alert) | Fixed |
| 2017-09-28 | Linux kernel local root vulnerability | Advisory-SVG-CVE-2017-1000253 | High | Fixed |
| 2017-09-22 | Various Xen CVEs | Advisory-SVG-CVE-2017-8903 | (Alert) | Fixed |
| 2017-08-22 | XROOTD potential for remote code execution | Advisory-SVG-2017-12728 | Low | Fixed |
| 2015-08-24 updated 2015-09-10, 2017-08-22 | Old dCache “gridftp door” re-introduced | Advisory-SVG-2015-9323 | Moderate | Fixed |
| 2017-08-07 | VOMS Admin allows VO membership requests from users without a certificate | Advisory-SVG-2016-11839 | Low | Fixed |
| 2017-08-07 | ARC 5.2.1 World Writeable log directory | Advisory-SVG-2017-12319 | Moderate | Fixed |
| 2017-03-20 updated 2017-03-27, 2017-07-04 | Vulnerability concerning VOMS Admin | Advisory-SVG-2017-12543 | Critical | Fixed |
| 2017-06-21 updated 2017-07-11 | Stack clash memory allocation vulnerability | Advisory-SVG-CVE-2017-1000364 | High | Fixed |
| 2017-06-06 | NSS out of bounds write flaw | Advisory-SVG-CVE-2017-5461 | High | Fixed |
| 2017-06-06 | sudo local root vulnerability | Advisory-SVG-CVE-2017-1000367 | Moderate | Fixed |
| 2017-03-24 updated 2017-06-01 | canl-c impersonation vulnerability | Advisory-SVG-2017-12276 | High | Fixed |
| 2017-04-07 updated 2017-06-01 | OpenStack Vulnerable Configuration problem | Advisory-SVG-2017-12680 | | (Check) |
| 2017-06-01 | Qemu and Xen guest escape issues CVE-2016-9603 and others | Advisory-SVG-CVE-2016-9603 | Up to High | Fixed |
| 2017-05-17 | Intel AMT Vulnerability | Advisory-SVG-CVE-2017-5689 | | (Check) |
| 2017-03-09 updated 2017-04-27 | Linux Kernel (n_hdlc module) privilege escalation vulnerability | Advisory-SVG-CVE-2017-2636 | High | Fixed |
| 2017-02-28 | Linux Kernel (DCCP module) privilege escalation vulnerability | Advisory-SVG-CVE-2017-6074 | High | Fixed |
| 2017-02-17 | Singularity container escape vulnerability | Advisory-SVG-2017-12381 | Up to High | Fixed |
| 2017-02-13 | Attacks on Hadoop installations - check configuration | Advisory-SVG-2017-12931 | | (Check) |
| 2017-02-01 | Ansible input validation vulnerability | Advisory-SVG-CVE-2016-9587 | Up to High | Fixed |
| 2016-11-10 updated 2016-12-14, 2017-01-13 | Linux kernel vulnerability | Advisory-SVG-CVE-2016-7117 | High | Fixed |
| 2017-01-11 | OpenStack Nova Metadata leak - sites should check | Advisory-SVG-2016-12231 | | (check) |
| 2017-01-10 | SLURM vulnerability CVE-2016-10030 | Advisory-SVG-CVE-2016-10030 | High | Fixed |