Recent Advisories.
A guide to the risk categories is available at Notes On Risk.
| Date | Title | Contents/Link | Risk | Status |
|---|---|---|---|---|
| 2023-11-21 | Intel processor vulnerability [EGI-SVG-2023-58] | Advisory-EGI-SVG-2023-58 | ALERT | Fixed |
| 2023-10-16 Updated 2023-11-14 | HIGH risk Slurm race condition vulnerability [EGI-SVG-2023-57] | Advisory-EGI-SVG-2023-57 | HIGH | Fixed |
| 2023-10-06 Updated 2023-11-14 | HIGH Risk glibc vulnerability [EGI-SVG-2023-55] | Advisory-EGI-SVG-2023-55 | HIGH | Fixed |
| 2023-09-21 Updated 2023-11-14 | HIGH Risk INDIGO-IAM Vulnerability [EGI-SVG-2023-53] | Advisory-EGI-SVG-2023-53 | HIGH | Fixed |
| 2023-08-16 Updated 2023-10-19, 2024-02-19 | HIGH risk Intel Downfall Vulnerability [EGI-SVG-CVE-2022-40982] | Advisory-SVG-CVE-2022-40982 | HIGH | Fixed/Mitigated |
| 2023-09-21 Updated 2023-10-19, 2023-10-24 | HIGH Risk Linux kernel vulnerabilities [EGI-SVG-2023-52] | Advisory-EGI-SVG-2023-52 | HIGH | Fixed (Mostly) |
| 2023-08-10 Updated 2023-09-15 | Up to CRITICAL Risk Linux kernel vulnerabilities [EGI-SVG-CVE-2023-1829] | Advisory-SVG-CVE-2023-1829 | Up to CRITICAL | Fixed (Partially) |
| 2023-08-08 Updated 2023-09-15 | HIGH Risk mod_auth_openidc vulnerability [EGI-SVG-CVE-2023-37464] | Advisory-SVG-CVE-2023-37464 | HIGH | Fixed |
| 2023-05-11 Updated 2023-06-12, 2023-06-22, 2023-09-15, 2023-10-19 | CRITICAL risk Netfilter nf_tables use-after-free flaw. [EGI-SVG-CVE-2023-32233] | Advisory-SVG-CVE-2023-32233 | CRITICAL | Fixed |
| 2023-07-27 | ALERT Two BMC vulnerabilities [EGI-SVG-CVE-2023-34329] | Advisory-SVG-CVE-2023-34329 | ALERT | |
| 2023-07-26 Updated 2023-08-15, 2023-09-21, 2023-09-22, 2024-02-16 | ALERT Zenbleed speculative execution vulnerability [EGI-SVG-CVE-2023-20593] | Advisory-SVG-CVE-2023-20593 | ALERT | Fixed |
| 2023-07-04 | MODERATE risk Indigo IAM XSS vulnerability [EGI-SVG-2023-20] | Advisory-EGI-SVG-2023-20 | MODERATE | Fixed |
| 2023-05-26 Updated 2023-07-04 | CRITICAL risk OpenStack Vulnerability with iSCSI or FC based volumes. [EGI-SVG-CVE-2023-2088] | Advisory-SVG-CVE-2023-2088 | CRITICAL | Fixed |
| 2023-05-17 Updated 2023-07-04 | HIGH risk Use-after-free flaw was found in the Linux kernel’s TLS protocol [EGI-SVG-CVE-2023-0461] | Advisory-SVG-CVE-2023-0461 | HIGH | Fixed |
| 2023-04-27 Updated 2023-06-01, 2023-04-07 | HIGH risk Apptainer /Singularity setuid-root installations vulnerability [EGI-SVG-CVE-2023-30549] | Advisory-SVG-CVE-2023-30549 | HIGH | Fixed |
| 2023-04-06 Updated 2023-06-08 | HIGH Apache HTTP request splitting vulnerability [EGI-SVG-CVE-2023-25690] | Advisory-SVG-CVE-2023-25690 | HIGH | Fixed |
| 2023-04-21 Updated 2023-06-07 | CRITICAL Linux kernel OverlayFS subsystem vulnerability [EGI-SVG-CVE-2023-0386] | Advisory-SVG-CVE-2023-0386 | CRITICAL | Fixed |
| 2023-04-21 Updated 2023-04-25 | ALERT Multiple NVIDIA GPU vulnerabilities [EGI-SVG-CVE-2023-0189] | Advisory-SVG-CVE-2023-0189 | ALERT | Fixed |
| 2023-03-13 Updated 2023-04-21 | CRITICAL risk - RHEL 9 - Buffer overflow vulnerability in Linux Kernel Netfilter. [EGI-SVG-CVE-2023-0179] | Advisory-SVG-CVE-2023-0179 | CRITICAL | Fixed |
| 2023-03-09 Updated 2023-04-21 | HIGH risk - Stack overflow flaw in the Linux kernel’s SYSCTL subsystem [EGI-SVG-CVE-2022-4378] | Advisory-SVG-CVE-2022-4378 | HIGH | Fixed |
| 2023-02-24 Updated 2023-04-21 | HIGH risk Use-after-free flaw affecting RHEL8. [EGI-SVG-CVE-2022-41222] | Advisory-SVG-CVE-2022-41222 | HIGH | Fixed |
| 2023-02-13 Updated 2023-02-14, 2023-04-21 | HIGH risk OpenSSL vulnerabilities announced [EGI-SVG-CVE-2023-0286] | Advisory-SVG-CVE-2023-0286 | HIGH | Fixed |
| 2023-01-26 Updated 2023-04-11 | HIGH risk kernel vulnerabilities for RHEL 8 with GPU, RHEL 9 | Advisory-SVG-CVE-2022-2959 | HIGH | Fixed |
| 2023-01-26 Updated 2023-04-11 | ALERT - VMware vRealize Log Insight vulnerability | Advisory-SVG-CVE-2022-31706 | ALERT | Fixed |
| 2023-01-23 Updated 2023-04-11 | CRITICAL risk Arbitrary file access through custom S3 XML entities in Swift’s XML parser | Advisory-SVG-CVE-2022-47950 | CRITICAL | Fixed |