Описание
A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenShift Container Platform 4 | microshift | Will not fix | ||
| Red Hat OpenShift GitOps | openshift-gitops-1/argo-rollouts-rhel8 | Not affected | ||
| Red Hat OpenShift Container Platform 4.12 | openshift | Fixed | RHSA-2024:1267 | 20.03.2024 |
| Red Hat OpenShift Container Platform 4.13 | openshift4/ose-cluster-kube-controller-manager-operator | Fixed | RHSA-2024:0741 | 14.02.2024 |
Показывать по
10
Дополнительная информация
Статус:
Important
Дефект:
CWE-20
https://bugzilla.redhat.com/show_bug.cgi?id=2214402kube-controller-manager: malformed HPA v1 manifest causes crash
EPSS
Процентиль: 34%
0.00136
Низкий
7.7 High
CVSS3
EPSS
Процентиль: 34%
0.00136
Низкий
7.7 High
CVSS3