Lucene search
PRIOn knowledge basePRION:CVE-2023-6476HistoryJan 09, 2024 - 10:15 p.m.
Code injection
2024-01-0922:15:00
PRIOn knowledge base
www.prio-n.com
10
code injection
cri-o
container unconfined
experimental annotation
denial of service
kubernetes scheduler
A flaw was found in CRI-O that involves an experimental annotation leading to a container being unconfined. This may allow a pod to specify and get any amount of memory/cpu, circumventing the kubernetes scheduler and potentially resulting in a denial of service in the node.
| CPE | Name | Operator | Version |
|---|---|---|---|
| openshift_container_platform | eq | 3.11 | |
| openshift_container_platform | eq | 4.13 | |
| openshift_container_platform | eq | 4.14 |
Related
nessus
nessus
RHEL 8 / 9 : OpenShift Container Platform 4.13.29 (RHSA-2024:0195)
2024-01-18 00:00:00
RHCOS 4 : OpenShift Container Platform 4.13.29 (RHSA-2024:0195)
2024-01-24 00:00:00
RHEL 8 / 9 : OpenShift Container Platform 4.14.9 (RHSA-2024:0207)
2024-01-18 00:00:00
osv
osv
CVE-2023-6476
2024-01-09 22:15:43
CRI-O's pods can break out of resource confinement on cgroupv2
2024-01-10 15:27:45
cve
cve
CVE-2023-6476
2024-01-09 22:15:43
redos
redos
ROS-20240402-02
2024-04-02 00:00:00
redhatcve
redhatcve
CVE-2023-6476
2024-01-09 21:31:44
veracode
veracode
Improper Access Control
2024-01-11 06:12:32
redhat
redhat
cvelist
cvelist
nvd
nvd
CVE-2023-6476
2024-01-09 22:15:43
github
github
CRI-O's pods can break out of resource confinement on cgroupv2
2024-01-10 15:27:45