Description
Security update for cni-plugins
This update for cni-plugins fixes the following issues:
cni-plugins updated to version 0.8.6
- CVE-2020-10749: Fixed a potential man-in-the-middle attack in IPv4 clusters by spoofing IPv6 router advertisements (bsc#1172410).
Release notes: https://github.com/containernetworking/plugins/releases/tag/v0.8.6
Package list
Container caasp/v4/cilium:1.6.6
cni-plugins-0.8.6-3.6.1
Container rancher/elemental-teal-rt/5.4:latest
cni-plugins-0.8.6-3.6.1
Container rancher/elemental-teal/5.4:latest
cni-plugins-0.8.6-3.6.1
SUSE Linux Enterprise Module for Containers 15 SP1
cni-plugins-0.8.6-3.6.1
SUSE Linux Enterprise Module for Containers 15 SP2
cni-plugins-0.8.6-3.6.1
SUSE Linux Enterprise Module for Public Cloud 15 SP1
cni-plugins-0.8.6-3.6.1
References
- Link for SUSE-SU-2020:1957-1
- E-Mail link for SUSE-SU-2020:1957-1
- SUSE Security Ratings
- SUSE Bug 1172410
- SUSE CVE CVE-2020-10749 page
Description
A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6 that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.
Affected products
Container caasp/v4/cilium:1.6.6:cni-plugins-0.8.6-3.6.1
Container rancher/elemental-teal-rt/5.4:latest:cni-plugins-0.8.6-3.6.1
Container rancher/elemental-teal/5.4:latest:cni-plugins-0.8.6-3.6.1
SUSE Linux Enterprise Module for Containers 15 SP1:cni-plugins-0.8.6-3.6.1
References
- CVE-2020-10749
- SUSE Bug 1172375
- SUSE Bug 1172410