Dear de.NBI Cloud Tübingen users,
Information about another Linux kernel LPE (local privilege escalation) was released: https://github.com/V4bel/dirtyfrag. It is very similar to the Copy Fail vulnerability.
Your systems are especially vulnerable if you have (less trustworthy) local users (as in a Slurm cluster) or are running potentially untrusted code, such as container images of questionable origin.
Currently no patched kernels have been released, but creating the file `/etc/modprobe.d/dirtyfrag.conf` containing
> # mitigation for the dirty frag vulnerability
> install esp4 /usr/bin/false
> install esp6 /usr/bin/false
> install rxrpc /usr/bin/false
mitigates the vulnerability.
Please do so.
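To verify the mitigation on a host, here is an added check script (not part of this advisory). It confirms that the modprobe.d file carries an `install ... /usr/bin/false` rule for esp4, esp6 and rxrpc, and that none of the three modules is already loaded, because an install rule only blocks future loads and does not unload a module that is already in memory. The file paths are parameters (defaulting to `/etc/modprobe.d/dirtyfrag.conf` and `/proc/modules`) so the check can also be run against copies.

```shell
#!/bin/sh
# Added example, not from the advisory: verify the dirtyfrag modprobe mitigation.
# Returns 0 when every module has an install rule and none is loaded, else 1.

check_dirtyfrag_mitigation() {
    conf="${1:-/etc/modprobe.d/dirtyfrag.conf}"   # modprobe.d file to inspect
    modules="${2:-/proc/modules}"                  # loaded-module list (what lsmod reads)
    status=0
    for mod in esp4 esp6 rxrpc; do
        # An "install" rule makes modprobe run the given command instead of loading
        # the module; accept /usr/bin/false or /bin/false, ignore extra whitespace.
        if ! grep -Eq "^[[:space:]]*install[[:space:]]+$mod[[:space:]]+(/usr)?/bin/false[[:space:]]*$" "$conf" 2>/dev/null; then
            echo "MISSING: no 'install $mod /usr/bin/false' rule in $conf"
            status=1
        fi
        # /proc/modules lists one loaded module per line, name first.
        if grep -Eq "^$mod[[:space:]]" "$modules" 2>/dev/null; then
            echo "LOADED: $mod is currently loaded; the install rule does not unload it (modprobe -r $mod or reboot)"
            status=1
        fi
    done
    [ "$status" -eq 0 ] && echo "OK: dirtyfrag mitigation in place"
    return "$status"
}

# Run against the live host with: sh dirtyfrag-check.sh --run
if [ "${1:-}" = "--run" ]; then
    check_dirtyfrag_mitigation
fi
```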
Additionally, we want to highlight that the latest Apache2 release contains multiple bugfixes for CVEs rated "high".
See https://www.heise.de/en/news/Apache-HTTP-Server-Highly-critical-flaws-allow-malicious-code-injection-11284235.html for more details.
If you are using Apache 2 (httpd) within your infrastructure:
- Check if you are using Apache: this includes packages, service, containers and processes.
- If it is a package, check with `[apt|dnf] changelog [apache2|httpd]` whether the installed or available version is vulnerable. Note that distributions often backport fixes to previous releases (e.g. Ubuntu 24.04 apache2 2.4.58-1ubuntu8.12 contains many of the required bugfixes).
- If possible, switch to the latest version available: either update the package or replace the backing container.
Generally:
- Auto-updaters such as Ubuntu's `unattended-upgrades` automatically apply many patches. We recommend enabling them and regularly checking that they function correctly.
- If you cannot use such mechanisms, please update your VMs regularly (especially after warnings such as this one).
- We strongly recommend dist-upgrading or decommissioning VMs with EOL distributions.
- Check with your coworkers whether their systems are patched and protected.
If you have questions or need assistance, contact us via denbi@zdv.uni-tuebingen.de.
Best Regards, Benjamin (on behalf of the de.NBI admin team Tübingen)