Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
oraclelinuxOracleLinuxELSA-2020-5765
HistoryJul 22, 2020 - 12:00 a.m.

Unbreakable Enterprise kernel-container kata-image kata-runtime kata kubernetes kubernetes istio olcne security update

2020-07-2200:00:00
linux.oracle.com
41

8.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

kernel-uek-container
[4.14.35-1902.303.5.3.el7]

  • rds: Deregister all FRWR mr with free_mr (Hans Westgaard Ry) [Orabug: 31476202]
  • Revert ‘rds: Do not cancel RDMAs that have been posted to the HCA’ (Gerd Rausch) [Orabug: 31475329]
  • Revert ‘rds: Introduce rds_conn_to_path helper’ (Gerd Rausch) [Orabug: 31475329]
  • Revert ‘rds: Three cancel fixes’ (Gerd Rausch) [Orabug: 31475318]
    [4.14.35-1902.303.5.2.el7]
  • rds: Three cancel fixes (Hakon Bugge) [Orabug: 31463014]
    [4.14.35-1902.303.5.1.el7]
  • x86/speculation: Add SRBDS vulnerability and mitigation documentation (Mark Gross) [Orabug: 31446720] {CVE-2020-0543}
  • x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Mark Gross) [Orabug: 31446720] {CVE-2020-0543}
  • x86/cpu: Add ‘table’ argument to cpu_matches() (Mark Gross) [Orabug: 31446720] {CVE-2020-0543}
  • x86/cpu: Add a steppings field to struct x86_cpu_id (Mark Gross) [Orabug: 31446720] {CVE-2020-0543}
    [4.14.35-1902.303.5.el7]
  • net/mlx5: Decrease default mr cache size (Artemy Kovalyov) [Orabug: 31446379]
    [4.14.35-1902.303.4.el7]
  • net/rds: suppress memory allocation failure reports (Manjunath Patil) [Orabug: 31422157]
  • rds: Do not cancel RDMAs that have been posted to the HCA (Hakon Bugge) [Orabug: 31422151]
  • rds: Introduce rds_conn_to_path helper (Hakon Bugge) [Orabug: 31422151]
    kata-image
    [1.7.3-1.0.5.1]
  • Address Kata CVE 2023
    kata-runtime
    [1.7.3-1.0.5]
  • Address Kata CVE-2020-2023
  • Address Kata CVE-2020-2024
  • Address Kata CVE-2020-2025
  • Address Kata CVE-2020-2026
    kata
    [1.7.3-1.0.7]
  • Address CVE-2020-2023
  • Address CVE-2020-2024
  • Address CVE-2020-2025
  • Address CVE-2020-2026
    kubernetes
    [1.14.9-1.0.6]
  • CVE-2020-8559: Privilege escalation from compromised node to cluster
  • CVE-2020-8557: Node disk DOS by writing to container /etc/hosts
    [1.14.9-1.0.5]
  • Update dependency on Kata containers to a build that includes fixes for CVE-2020-2023 thru CVE-2020-2026
    kubernetes
    [1.17.9-1.0.1.el7]
  • Added Oracle specific build files for Kubernetes
    istio
    [1.4.10-1.0.1]
  • CVE-2020-15104:
    Incorrect validation of wildcard DNS Subject Alternative Names
    [1.4.10-1.0.0]
  • Added Oracle Specific Build Files for istio/istio
    olcne
    [1.1.2-6]
  • Include kata-runtime in the default template
    [1.1.2-5]
  • CVE-2020-8559: Privilege escalation from compromised node to cluster
  • CVE-2020-8557: Node disk DOS by writing to container /etc/hosts
    [1.1.2-4]
  • Update arguments added for istio module.
    [1.1.2-3]
  • Ensure Istio sidecar injector uses valid executable
    [1.1.2-2]
  • Update Kubernetes to use Kata 1.7.3-1.0.7 to address CVE-2020-2023 thru CVE-2020-2026
    [1.1.2-1]
  • Added istio-1.4.10 charts and updated istio.yaml to use istio-1.4.10
OSVersionArchitecturePackageVersionFilename
oracle linux7srcistio< 1.4.10-1.0.1.el7istio-1.4.10-1.0.1.el7.src.rpm
oracle linux7srckata< 1.7.3-1.0.7.el7kata-1.7.3-1.0.7.el7.src.rpm
oracle linux7srckata-image< 1.7.3-1.0.5.1.ol7_202007011859kata-image-1.7.3-1.0.5.1.ol7_202007011859.src.rpm
oracle linux7srckata-runtime< 1.7.3-1.0.5.el7kata-runtime-1.7.3-1.0.5.el7.src.rpm
oracle linux7srckernel-uek-container< 4.14.35-1902.303.5.3.el7kernel-uek-container-4.14.35-1902.303.5.3.el7.src.rpm
oracle linux7srckubernetes< 1.14.9-1.0.6.el7kubernetes-1.14.9-1.0.6.el7.src.rpm
oracle linux7srckubernetes< 1.17.9-1.0.1.el7kubernetes-1.17.9-1.0.1.el7.src.rpm
oracle linux7srcolcne< 1.1.2-6.el7olcne-1.1.2-6.el7.src.rpm
oracle linux7x86_64istio< 1.4.10-1.0.1.el7istio-1.4.10-1.0.1.el7.x86_64.rpm
oracle linux7x86_64istio-citadel< 1.4.10-1.0.1.el7istio-citadel-1.4.10-1.0.1.el7.x86_64.rpm
Rows per page:
1-10 of 361

Related

nessus 48
oraclelinux 4
ibm 8
cve 8
redhat 14
osv 18
redhatcve 7
prion 9
ubuntucve 4
openvas 22
fedora 9
github 4
veracode 6
githubexploit 3
cbl_mariner 1
mageia 1
alpinelinux 3
ubuntu 1
debiancve 4
freebsd 2
almalinux 1
amazon 2
gitlab 2
hackerone 2
suse 2
rocky 1
altlinux 1
wolfi 1
photon 2
attackerkb 1
lenovo 2
f5 1
xen 1
intel 1
virtuozzo 2
citrix 1
nessus
nessus
Oracle Linux 7 : Unbreakable Enterprise kernel-container kata-image kata-runtime kata kubernetes kubernetes istio olcne (ELSA-2020-5765)
2023-09-07 00:00:00
Oracle Linux 7 : Unbreakable Enterprise kernel-container kata-image kata-runtime kata kubernetes olcne (ELSA-2020-5766)
2023-09-07 00:00:00
Oracle Linux 7 : kubernetes (ELSA-2020-5767)
2023-09-07 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel-container kata-image kata-runtime kata kubernetes olcne security update
2020-07-22 00:00:00
kubernetes security update
2020-07-22 00:00:00
Unbreakable Enterprise kernel security update
2020-06-10 00:00:00
ibm
ibm
Security Bulletin: API Connect is vulnerable to denial of service via Kubernetes (CVE-2020-8557, CVE-2020-8559)
2020-10-08 01:32:33
Security Bulletin: IBM Cloud Private is vulnerable to Kubernetes vulnerabilities (CVE-2020-8557, CVE-2020-8559)
2020-09-28 20:01:40
Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a Kubernetes kubelet security vulnerability (CVE-2020-8557)
2020-10-09 17:08:16
cve
cve
CVE-2020-15104
2020-07-14 22:15:00
CVE-2020-10739
2020-06-02 13:15:00
CVE-2020-2025
2020-05-19 21:15:00
redhat
redhat
(RHSA-2020:3090) Moderate: Red Hat OpenShift Service Mesh 1.1 servicemesh-proxy security update
2020-07-22 07:59:02
(RHSA-2020:2148) Important: Red Hat OpenShift Service Mesh 1.1.2 Service Mesh Proxy security update
2020-05-13 21:29:15
(RHSA-2020:2523) Important: Red Hat OpenShift Service Mesh 1.1.2 servicemesh-proxy security update
2020-06-11 06:38:11
osv
osv
CVE-2020-15104
2020-07-14 22:15:10
BIT-envoy-2020-15104
2024-03-06 11:00:31
CVE-2020-10739
2020-06-02 13:15:10
redhatcve
redhatcve
CVE-2020-15104
2020-07-13 07:12:53
CVE-2020-10739
2020-05-13 00:11:37
CVE-2020-1764
2020-03-25 22:01:26
prion
prion
Design/Logic Flaw
2020-07-14 22:15:00
Null pointer dereference
2020-06-02 13:15:00
Design/Logic Flaw
2020-05-19 21:15:00
ubuntucve
ubuntucve
CVE-2020-11080
2020-06-03 00:00:00
CVE-2020-8557
2020-07-23 00:00:00
CVE-2020-8559
2020-07-22 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2021:0930-1)
2021-06-09 00:00:00
Mageia: Security Advisory (MGASA-2020-0256)
2022-01-28 00:00:00
Fedora: Security Advisory for kata-osbuilder (FEDORA-2020-61fcf3ffc7)
2020-11-05 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: kata-ksm-throttler-1.11.1-1.fc31.1
2020-11-05 02:11:52
[SECURITY] Fedora 31 Update: kata-osbuilder-1.11.1-1.fc31.1
2020-11-05 02:11:53
[SECURITY] Fedora 31 Update: kata-agent-1.11.1-1.fc31.1
2020-10-18 15:48:49
github
github
Link Following in Kata Runtime
2022-02-15 01:57:18
Denial of service in Kubernetes
2024-04-24 20:01:31
Hard coded cryptographic key in Kiali
2021-05-18 18:28:59
veracode
veracode
Denial Of Service (DoS)
2020-07-24 04:57:47
Authentication Bypass
2020-03-31 03:59:09
Remote Code Execution (RCE)
2020-06-19 05:41:18
githubexploit
githubexploit
Exploit for Use of Hard-coded Credentials in Kiali
2020-07-06 13:59:52
Exploit for Open Redirect in Kubernetes
2020-07-22 08:36:41
Exploit for Open Redirect in Kubernetes
2020-07-22 05:13:01
cbl_mariner
cbl_mariner
CVE-2020-11080 affecting package nghttp2 1.33.0-3
2020-11-30 19:30:42
mageia
mageia
Updated nghttp2 packages fix security vulnerability
2020-06-11 02:59:36
alpinelinux
alpinelinux
CVE-2020-11080
2020-06-03 23:15:00
CVE-2020-8557
2020-07-23 17:15:00
CVE-2020-8559
2020-07-22 14:15:00
ubuntu
ubuntu
nghttp2 vulnerability
2023-06-06 00:00:00
debiancve
debiancve
CVE-2020-11080
2020-06-03 23:15:00
CVE-2020-8557
2020-07-23 17:15:00
CVE-2020-8559
2020-07-22 14:15:00
freebsd
freebsd
nghttp2 -- DoS vulnerability
2020-06-02 00:00:00
Intel CPU issues
2020-06-09 00:00:00
almalinux
almalinux
Important: nghttp2 security update
2020-06-25 16:31:29
amazon
amazon
Important: nghttp2
2020-06-26 22:54:00
Important: nghttp2
2020-07-27 23:18:00
gitlab
gitlab
Uncontrolled Resource Consumption
2020-07-23 00:00:00
URL Redirection to Untrusted Site (Open Redirect)
2020-07-22 00:00:00
hackerone
hackerone
Kubernetes: Node disk DOS by writing to container /etc/hosts
2020-05-07 07:11:29
Kubernetes: Compromise of node can lead to compromise of pods on other nodes
2020-05-01 12:26:35
suse
suse
Security update for nghttp2 (important)
2021-03-25 00:00:00
Security update for xen (important)
2020-06-16 00:00:00
rocky
rocky
nghttp2 security update
2020-06-25 16:31:29
altlinux
altlinux
Security fix for the ALT Linux 10 package kubernetes version 1.18.6-alt1
2020-07-24 00:00:00
wolfi
wolfi
CVE-2020-8559 vulnerabilities
2024-04-26 09:06:29
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0285
2020-09-19 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0325
2020-09-19 00:00:00
attackerkb
attackerkb
CVE-2020-0543 CROSSTALK
2020-06-15 00:00:00
lenovo
lenovo
Intel Special Register Buffer Data Sampling Advisory - Lenovo Support US
2020-06-04 16:44:25
Intel Special Register Buffer Data Sampling Advisory - Lenovo Support NL
2020-06-04 16:44:25
f5
f5
K25920352 : Intel CPU SRBDS side-channel vulnerability CVE-2020-0543
2020-09-30 00:00:00
xen
xen
Special Register Buffer speculative side channel
2020-06-09 16:33:00
intel
intel
Special Register Buffer Data Sampling Advisory
2020-06-12 00:00:00
virtuozzo
virtuozzo
Important kernel security update: New kernel 2.6.32-042stab145.3; Virtuozzo 6.0 Update 12 Hotfix 52 (6.0.12-3759)
2020-06-22 00:00:00
Important kernel security update: New kernel 2.6.32-042stab145.3 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0
2020-06-22 00:00:00
citrix
citrix
Citrix Hypervisor Security Updates
2020-06-09 04:00:00

8.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON
Related for ELSA-2020-5765
nessus48oraclelinux4ibm8cve8redhat14osv18redhatcve7prion9ubuntucve4openvas22fedora9github4veracode6githubexploit3cbl_mariner1mageia1alpinelinux3ubuntu1debiancve4freebsd2almalinux1amazon2gitlab2hackerone2suse2rocky1altlinux1wolfi1photon2attackerkb1lenovo2f51xen1intel1virtuozzo2citrix1