Lucene search

K
oraclelinuxOracleLinuxELSA-2024-12348
HistoryApr 26, 2024 - 12:00 a.m.

cri-o security update

2024-04-2600:00:00
linux.oracle.com
11
cri-o
cri-tools
etcd
istio
kubernetes
olcne
security update
cve-2024-24786
cve-2024-23322
cve-2024-23323
cve-2024-23324
cve-2024-23325
cve-2024-23327
oracle specific
build files.

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

17.0%

cri-o
[1.26.4-2]

  • Address CVE-2024-24786
    cri-tools
    [1.26.1-5]
  • Address CVE-2024-24786
    etcd
    [3.5.10-3]
  • Address protobuf [CVE-2024-24786]
    [3.5.10-1]
  • Added Oracle specific build files
    istio
    [1.17.8-3]
  • Address protobuf [CVE-2024-24786]
  • Backport from 1.19.7 to address CVE-2024-23322, CVE-2024-23323, CVE-2024-23324, CVE-2024-23325, CVE-2024-23327
    kubernetes
    [1.26.15-1]
  • Added Oracle specific build files for Kubernetes
    olcne
    [1.7.7-2]
  • Fixed unable to deploy new module(s) using config file containing already existing modules
  • Update Istio-1.17.8 to address CVE-2024-24786, CVE-2024-23322, CVE-2024-23323, CVE-2024-23324, CVE-2024-23325, CVE-2024-23327
  • Update Kubernetes-1.26.15 and components to address CVE-2024-24786

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

17.0%