Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2020:0554-1

Опубликовано: 26 апр. 2020
Источник: suse-cvrf

Описание

Security update for kubernetes

This update introduces kubernetes version 1.14.1 and cri-o 1.17.1 to Leap 15.1.

Список пакетов

openSUSE Leap 15.1
cri-o-1.17.1-lp151.2.2
cri-o-kubeadm-criconfig-1.17.1-lp151.2.2
cri-tools-1.18.0-lp151.2.1
go1.14-1.14-lp151.6.1
go1.14-doc-1.14-lp151.6.1
go1.14-race-1.14-lp151.6.1
kubernetes-apiserver-1.18.0-lp151.5.1
kubernetes-client-1.18.0-lp151.5.1
kubernetes-controller-manager-1.18.0-lp151.5.1
kubernetes-kubeadm-1.18.0-lp151.5.1
kubernetes-kubelet-common-1.18.0-lp151.5.1
kubernetes-kubelet1.17-1.18.0-lp151.5.1
kubernetes-kubelet1.18-1.18.0-lp151.5.1
kubernetes-master-1.18.0-lp151.5.1
kubernetes-node-1.18.0-lp151.5.1
kubernetes-proxy-1.18.0-lp151.5.1
kubernetes-scheduler-1.18.0-lp151.5.1

Ссылки

Описание

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

Затронутые продукты
openSUSE Leap 15.1:cri-o-1.17.1-lp151.2.2
openSUSE Leap 15.1:cri-o-kubeadm-criconfig-1.17.1-lp151.2.2
openSUSE Leap 15.1:cri-tools-1.18.0-lp151.2.1
openSUSE Leap 15.1:go1.14-1.14-lp151.6.1
Ссылки

Описание

Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of (1) states or (2) tags, which triggers an out-of-bounds write.

Затронутые продукты
openSUSE Leap 15.1:cri-o-1.17.1-lp151.2.2
openSUSE Leap 15.1:cri-o-kubeadm-criconfig-1.17.1-lp151.2.2
openSUSE Leap 15.1:cri-tools-1.18.0-lp151.2.1
openSUSE Leap 15.1:go1.14-1.14-lp151.6.1
Ссылки

Описание

In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type (including non-privileged pods, subject to file permissions) can access files/directories outside of the volume, including the host's filesystem.

Затронутые продукты
openSUSE Leap 15.1:cri-o-1.17.1-lp151.2.2
openSUSE Leap 15.1:cri-o-kubeadm-criconfig-1.17.1-lp151.2.2
openSUSE Leap 15.1:cri-tools-1.18.0-lp151.2.1
openSUSE Leap 15.1:go1.14-1.14-lp151.6.1
Ссылки

Описание

In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to the backend, authenticated with the Kubernetes API server's TLS credentials used to establish the backend connection.

Затронутые продукты
openSUSE Leap 15.1:cri-o-1.17.1-lp151.2.2
openSUSE Leap 15.1:cri-o-kubeadm-criconfig-1.17.1-lp151.2.2
openSUSE Leap 15.1:cri-tools-1.18.0-lp151.2.1
openSUSE Leap 15.1:go1.14-1.14-lp151.6.1
Ссылки

Описание

In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). Using custom domains, it's possible to arrange things so that a Git repository is cloned to a folder named ".git" by using a vanity import path that ends with "/.git". If the Git repository root contains a "HEAD" file, a "config" file, an "objects" directory, a "refs" directory, with some work to ensure the proper ordering of operations, "go get -u" can be tricked into considering the parent directory as a repository root, and running Git commands on it. That will use the "config" file in the original Git repository root for its configuration, and if that config file contains malicious commands, they will execute on the system running "go get -u".

Затронутые продукты
openSUSE Leap 15.1:cri-o-1.17.1-lp151.2.2
openSUSE Leap 15.1:cri-o-kubeadm-criconfig-1.17.1-lp151.2.2
openSUSE Leap 15.1:cri-tools-1.18.0-lp151.2.1
openSUSE Leap 15.1:go1.14-1.14-lp151.6.1
Ссылки

Описание

In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both '{' and '}' characters). Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). The attacker can cause an arbitrary filesystem write, which can lead to code execution.

Затронутые продукты
openSUSE Leap 15.1:cri-o-1.17.1-lp151.2.2
openSUSE Leap 15.1:cri-o-kubeadm-criconfig-1.17.1-lp151.2.2
openSUSE Leap 15.1:cri-tools-1.18.0-lp151.2.1
openSUSE Leap 15.1:go1.14-1.14-lp151.6.1
Ссылки

Описание

The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack and steal login credentials or bearer tokens.

Затронутые продукты
openSUSE Leap 15.1:cri-o-1.17.1-lp151.2.2
openSUSE Leap 15.1:cri-o-kubeadm-criconfig-1.17.1-lp151.2.2
openSUSE Leap 15.1:cri-tools-1.18.0-lp151.2.1
openSUSE Leap 15.1:go1.14-1.14-lp151.6.1
Ссылки
Уязвимость openSUSE-SU-2020:0554-1