Описание
Security update for kubernetes1.23
This update for kubernetes1.23 fixes the following issues:
- CVE-2024-0793: Fixed a DoS caused via a malformed HPA v1 manifest. (bsc#1219964)
Список пакетов
SUSE Linux Enterprise Module for Containers 15 SP5
kubernetes1.23-client-1.23.17-150500.3.9.1
kubernetes1.23-client-common-1.23.17-150500.3.9.1
openSUSE Leap 15.5
kubernetes1.23-apiserver-1.23.17-150500.3.9.1
kubernetes1.23-client-1.23.17-150500.3.9.1
kubernetes1.23-client-bash-completion-1.23.17-150500.3.9.1
kubernetes1.23-client-common-1.23.17-150500.3.9.1
kubernetes1.23-client-fish-completion-1.23.17-150500.3.9.1
kubernetes1.23-controller-manager-1.23.17-150500.3.9.1
kubernetes1.23-kubeadm-1.23.17-150500.3.9.1
kubernetes1.23-kubelet-1.23.17-150500.3.9.1
kubernetes1.23-kubelet-common-1.23.17-150500.3.9.1
kubernetes1.23-proxy-1.23.17-150500.3.9.1
kubernetes1.23-scheduler-1.23.17-150500.3.9.1
Ссылки
- Link for SUSE-SU-2024:1163-1
- E-Mail link for SUSE-SU-2024:1163-1
- SUSE Security Ratings
- SUSE Bug 1219964
- SUSE CVE CVE-2024-0793 page
Описание
A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn.
Затронутые продукты
SUSE Linux Enterprise Module for Containers 15 SP5:kubernetes1.23-client-1.23.17-150500.3.9.1
SUSE Linux Enterprise Module for Containers 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.9.1
openSUSE Leap 15.5:kubernetes1.23-apiserver-1.23.17-150500.3.9.1
openSUSE Leap 15.5:kubernetes1.23-client-1.23.17-150500.3.9.1
Ссылки
- CVE-2024-0793
- SUSE Bug 1219964