19 matches found
RHCOS 4 : OpenShift Container Platform 4.4.19 openshift (RHSA-2020:3579)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:3579 advisory. - kubernetes: Node disk DOS by writing to container /etc/hosts CVE-2020-8557 Note that Nessus has not tested for this issue but has instead...
Linux Distros Unpatched Vulnerability : CVE-2020-8557
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17.8 and 1.18.0-1.18.5 do not account for disk usage by a pod which writes to its own...
RHEL 7 : OpenShift Container Platform 3.11.542 (RHSA-2021:3915)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3915 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 3.11.542 security update
Red Hat OpenShift Container Platform release 3.11.542 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, whi...
Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a Kubernetes kubelet security vulnerability (CVE-2020-8557)
Summary Red Hat OpenShift on IBM Cloud is affected by a security vulnerability in the Kubernetes kubelet that could result in the denial of service of a node CVE-2020-8557 Vulnerability Details CVEID: CVE-2020-8557 Description: Kubernetes kubelet is vulnerable to a denial of service, caused by an...
Security Bulletin: API Connect is vulnerable to denial of service via Kubernetes (CVE-2020-8557, CVE-2020-8559)
Summary IBM API Connect has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2020-8557 DESCRIPTION: Kubernetes kubelet is vulnerable to a denial of service, caused by an issue with not including the /etc/hostsfile file by the kubelet eviction manager when calculating...
Security Bulletin: IBM Cloud Private is vulnerable to Kubernetes vulnerabilities (CVE-2020-8557, CVE-2020-8559)
Summary IBM Cloud Private is vulnerable to Kubernetes vulnerabilities Vulnerability Details CVEID: CVE-2020-8557 DESCRIPTION: Kubernetes kubelet is vulnerable to a denial of service, caused by an issue with not including the /etc/hostsfile file by the kubelet eviction manager when calculating...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.3.38 container image security update
An update for openshift-enterprise-hyperkube-container and sriov-dp-admission-controller-container is now available for Red Hat OpenShift Container Platform 4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.3.38 jenkins and openshift security update
An update for jenkins and openshift is now available for Red Hat OpenShift Container Platform 4.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
RHEL 7 / 8 : OpenShift Container Platform 4.3.38 jenkins and openshift (RHSA-2020:3808)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3808 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.4.19 openshift-enterprise-hyperkube-container security update
An update for openshift-enterprise-hyperkube-container is now available for Red Hat OpenShift Container Platform 4.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.4.19 openshift security update
An update for openshift is now available for Red Hat OpenShift Container Platform 4.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.5.7 openshift-enterprise-hyperkube-container security update
An update for openshift-enterprise-hyperkube-container is now available for Red Hat OpenShift Container Platform 4.5. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.5.7 jenkins and openshift packages security update
An update for jenkins and openshift is now available for Red Hat OpenShift Container Platform 4.5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
CVE-2020-8557
The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17.8 and 1.18.0-1.18.5 do not account for disk usage by a pod which writes to its own /etc/hosts file. The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral...
CVE-2020-8557
CVE-2020-8557 affects Kubernetes kubelet and relates to how ephemeral storage usage is calculated for pods that write to their own /etc/hosts. The eviction manager does not include the /etc/hosts file in disk usage accounting, so a pod that writes大量 data to /etc/hosts could exhaust node storage a...
Security Bulletin: IBM Cloud Kubernetes Service is affected by a Kubernetes kubelet security vulnerability (CVE-2020-8557)
Summary IBM Cloud Kubernetes Service is affected by a security vulnerability in the Kubernetes kubelet that could result in the denial of service of a node CVE-2020-8557 Vulnerability Details CVEID: CVE-2020-8557 Description: Kubernetes kubelet is vulnerable to a denial of service, caused by an...
kubernetes security update
1.12.10-1.0.13 - CVE-2020-8559: Privilege escalation from compromised node to cluster - CVE-2020-8557: Node disk DOS by writing to container /etc/hosts...
Unbreakable Enterprise kernel-container kata-image kata-runtime kata kubernetes kubernetes istio olcne security update
kernel-uek-container 4.14.35-1902.303.5.3.el7 - rds: Deregister all FRWR mr with freemr Hans Westgaard Ry Orabug: 31476202 - Revert 'rds: Do not cancel RDMAs that have been posted to the HCA' Gerd Rausch Orabug: 31475329 - Revert 'rds: Introduce rdsconntopath helper' Gerd Rausch Orabug: 31475329 ...