Lucene search
OracleLinuxELSA-2021-9398HistoryAug 06, 2021 - 12:00 a.m.
olcne security update
2021-08-0600:00:00
linux.oracle.com
43
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
olcne
[1.3.1-5]
- Updated registry-image-helper.sh to work with olcne-utils
[1.3.1-4] - Fix istio template for 1.9.6 and 1.10.2 for k8s update failure
[1.3.1-3] - Added END_VERSION_BLOCK for OLM image
[1.3.1-2] - Fix iptables issue when running on OL7 host using OL8 image for 1.19.8
- Fix iptables issue when running on OL7 host using OL8 image
- Address Istio CVE’s CVE-2021-28683, CVE-2021-28682, CVE-2021-29258, CVE-2021-31920, CVE-2021-31921, CVE-2021-34824
- Fixed yaml file to stop olcne-nginx and keepalived services at uninstall [Orabug: 32296282]
- Fixed missing double semicolon in registry image helper
kubernetes
[1.20.6-2] - Fix iptables OL7 host kernel issue when running with OL8 image
[1.20.6-1] - Added Oracle specific build files for Kubernetes
kubernetes
[1.19.8-3] - Fix iptables issue when running on OL7 host with OL8 image
istio
[1.9.6-2] - Fix iptables issue when running on OL7 host using OL8 image
- Added istio-mixs and istio-mixc to Obsoletes list
[1.9.6-1] - Address CVE-2021-28683, CVE-2021-28682, CVE-2021-29258, CVE-2021-31920, CVE-2021-31921, CVE-2021-34824
istio
[1.10.2-2] - Fix iptables problem when running on OL7 host using OL8 image
[1.10.2-1] - Address CVE-2021-28683, CVE-2021-28682, CVE-2021-29258, CVE-2021-31920, CVE-2021-31921, CVE-2021-34824
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 8 | src | istio | < 1.10.2-2.el8 | istio-1.10.2-2.el8.src.rpm |
| oracle linux | 8 | src | istio | < 1.9.6-2.el8 | istio-1.9.6-2.el8.src.rpm |
| oracle linux | 8 | src | kubernetes | < 1.19.8-3.el8 | kubernetes-1.19.8-3.el8.src.rpm |
| oracle linux | 8 | src | kubernetes | < 1.20.6-2.el8 | kubernetes-1.20.6-2.el8.src.rpm |
| oracle linux | 8 | src | olcne | < 1.3.1-5.el8 | olcne-1.3.1-5.el8.src.rpm |
| oracle linux | 8 | x86_64 | istio | < 1.10.2-2.el8 | istio-1.10.2-2.el8.x86_64.rpm |
| oracle linux | 8 | x86_64 | istio | < 1.9.6-2.el8 | istio-1.9.6-2.el8.x86_64.rpm |
| oracle linux | 8 | x86_64 | istio-istioctl | < 1.10.2-2.el8 | istio-istioctl-1.10.2-2.el8.x86_64.rpm |
| oracle linux | 8 | x86_64 | istio-istioctl | < 1.9.6-2.el8 | istio-istioctl-1.9.6-2.el8.x86_64.rpm |
| oracle linux | 8 | x86_64 | kubeadm | < 1.19.8-3.el8 | kubeadm-1.19.8-3.el8.x86_64.rpm |
Related
nessus
nessus
Oracle Linux 7 : olcne (ELSA-2021-9397)
2021-08-06 00:00:00
Oracle Linux 8 : olcne (ELSA-2021-9398)
2021-08-06 00:00:00
Oracle Linux 7 : olcne (ELSA-2021-9399)
2021-08-06 00:00:00
oraclelinux
oraclelinux
olcne security update
2021-08-06 00:00:00
olcne security update
2021-08-06 00:00:00
olcne security update
2021-08-06 00:00:00
redhat
redhat
(RHSA-2021:1322) Important: Red Hat OpenShift Service Mesh 1.1.13 security update
2021-04-22 08:29:04
(RHSA-2021:2085) Important: servicemesh security update
2021-05-20 19:05:21
osv
osv
BIT-envoy-2021-28683
2024-03-06 10:59:03
BIT-envoy-2021-29258
2024-03-06 10:58:52
CVE-2021-29258
2021-05-20 17:15:07
veracode
veracode
Privilege Escalation
2021-06-30 07:29:33
Authorization Bypass
2021-05-21 14:01:53
Denial Of Service (DoS)
2021-04-24 22:47:56
prion
prion
Design/Logic Flaw
2021-06-02 16:15:00
Path traversal
2021-05-27 05:15:00
Design/Logic Flaw
2021-06-29 14:15:00
cve
cve
cnvd
cnvd
Envoy null pointer dereference vulnerability (CNVD-2021-58574)
2021-05-21 00:00:00
Envoy integer overflow vulnerability
2021-05-21 00:00:00
Envoy has an unspecified vulnerability (CNVD-2021-58572)
2021-07-08 00:00:00
redhatcve
redhatcve
archlinux
archlinux
[ASA-202107-3] istio: information disclosure
2021-07-01 00:00:00
githubexploit
githubexploit
Exploit for Vulnerability in Istio
2022-12-23 18:19:06
github
github
Istio Authorization Bypass Vulnerability
2022-05-24 19:03:32
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related for ELSA-2021-9398