
4209 matches found

Debian CVE
added 2019/05/08 1:36 p.m. · 41 views

CVE-2019-11815

An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup...

CVSS: 9.3 · AI score: 6.4 · EPSS: 0.0118
Exploits: 1

Cvelist
added 2019/05/08 1:36 p.m. · 28 views

CVE-2019-11815

An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup...

AI score: 7.6 · EPSS: 0.0118
Exploits: 1 · References: 19

CVE
added 2019/05/08 1:36 p.m. · 400 views

CVE-2019-11815

The CVE-2019-11815 issue affects Linux kernels with net/rds/tcp.c: rds_tcp_kill_sock contains a race that can cause a use-after-free during net namespace cleanup (pre-5.0.8). A fix was committed and released in 5.0.8; upgrading to 5.0.8+ (or applying the patch) is the advised remediation. The Uni...

CVSS: 9.3 · AI score: 7.5 · EPSS: 0.0118
Exploits: 1 · References: 19 · Affected Software: 1

UbuntuCve
added 2019/05/08 12:00 a.m. · 49 views

CVE-2019-11815

An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup...

CVSS: 9.3 · AI score: 6.8 · EPSS: 0.0118
Exploits: 1 · References: 9

OSV
added 2019/05/08 12:00 a.m. · 0 views

UBUNTU-CVE-2019-11815

An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup...

CVSS: 8.1 · AI score: 6.7 · EPSS: 0.0118
Exploits: 1 · References: 10

Veracode
added 2019/05/02 5:51 a.m. · 16 views

Information Disclosure

Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.6.1. See the following advisory for the container imag...

CVSS: 7.5 · AI score: 7.5 · EPSS: 0.00182
Exploits: 0 · References: 18 · Affected Software: 10

Veracode
added 2019/05/02 5:34 a.m. · 18 views

Authorization Bypass

openshift is vulnerable to authorization bypass. The vulnerability exists in a multi-tenant SDN, and when a build is run in a namespace that is isolated from pods in other namespaces...

CVSS: 7.1 · AI score: 7.5 · EPSS: 0.00132
Exploits: 0 · References: 11 · Affected Software: 2

Tenable Nessus
added 2019/05/02 12:00 a.m. · 12 views

Fedora 30 : php-twig (2019-874015ee38)

Version 1.38.2 2019-03-12 - added TemplateWrapper::getTemplateName ---- Version 1.38.1 2019-03-12 - fixed class aliases ---- Version 1.38.0 2019-03-12 - fixed sandbox security issue under some circumstances, calling the toString method on an object was possible even if not allowed by the security...

AI score: 5.7
Exploits: 0 · References: 1

RedHat Linux
added 2019/04/30 5:48 p.m. · 4 views

Moderate: Red Hat Bug Fix Advisory: Red Hat OpenStack Platform 14 bug fix and enhancement advisory

Updated packages that resolve various issues are now available for Red Hat OpenStack Platform 14.0 Rocky for RHEL 7. Red Hat OpenStack Platform provides the facilities for building, deploying and monitoring a private or public infrastructure-as-a-service IaaS cloud running on commonly available...

CVSS: 8.8 · AI score: 7.1 · EPSS: 0.00442
Exploits: 0 · References: 33

Tenable Nessus
added 2019/04/30 12:00 a.m. · 25 views

FreeBSD : Gitlab -- Multiple vulnerabilities (1138b39e-6abb-11e9-a685-001b217b3468)

Gitlab reports : Moving an Issue to Private Repo Leaks Project Namespace Notification Emails Sent to Restricted Users Unauthorized Comments on Confidential Issues Merge Request Approval Count Inflation Unsanitized Branch Names on New Merge Request Notification Emails Improper Sanitation of...

CVSS: 6.5 · AI score: 5.2 · EPSS: 0.00167
Exploits: 6 · References: 8

UbuntuCve
added 2019/04/24 12:00 a.m. · 21 views

CVE-2019-6467

A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAI...

CVSS: 7.5 · AI score: 6.5 · EPSS: 0.17224
Exploits: 0 · References: 1

OSV
added 2019/04/24 12:00 a.m. · 1 views

UBUNTU-CVE-2019-6467

A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAI...

CVSS: 7.5 · AI score: 6.8 · EPSS: 0.17224
Exploits: 0 · References: 2

Microsoft KB
added 2019/04/12 12:00 a.m. · 3 views

January 15, 2019—KB4480976 (OS Build 17134.556)

January 15, 2019—KB4480976 OS Build 17134.556 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue in Microsoft Edge that fails to trigger the focusin event if the focus even...

AI score: 6
Exploits: 0

Prion
added 2019/04/10 3:29 p.m. · 19 views

Design/Logic Flaw

In Rancher 2.0.0 through 2.1.5, project members have continued access to create, update, read, and delete namespaces in a project after they have been removed from it...

CVSS: 6.5 · AI score: 8 · EPSS: 0.00172
Exploits: 0 · References: 2 · Affected Software: 1

Prion
added 2019/04/10 2:29 p.m. · 23 views

Design/Logic Flaw

An issue was discovered in Rancher 2 through 2.1.5. Any project member with access to the default namespace can mount the netes-default service account in a pod, and then use that pod to execute administrative privileged commands against the k8s cluster. This could be mitigated by isolating the...

CVSS: 9 · AI score: 8.7 · EPSS: 0.00442
Exploits: 0 · References: 2 · Affected Software: 1

NVD
added 2019/04/10 2:29 p.m. · 11 views

CVE-2018-20321

An issue was discovered in Rancher 2 through 2.1.5. Any project member with access to the default namespace can mount the netes-default service account in a pod, and then use that pod to execute administrative privileged commands against the k8s cluster. This could be mitigated by isolating the...

CVSS: 9 · AI score: 8.8 · EPSS: 0.00442
Exploits: 0 · References: 2

OSV
added 2019/04/10 2:29 p.m. · 20 views

CVE-2018-20321

An issue was discovered in Rancher 2 through 2.1.5. Any project member with access to the default namespace can mount the netes-default service account in a pod, and then use that pod to execute administrative privileged commands against the k8s cluster. This could be mitigated by isolating the...

CVSS: 8.8 · AI score: 7.2
Exploits: 0 · References: 2

Cvelist
added 2019/04/10 1:59 p.m. · 21 views

CVE-2018-20321

An issue was discovered in Rancher 2 through 2.1.5. Any project member with access to the default namespace can mount the netes-default service account in a pod, and then use that pod to execute administrative privileged commands against the k8s cluster. This could be mitigated by isolating the...

AI score: 8.8 · EPSS: 0.00442
Exploits: 0 · References: 2

CVE
added 2019/04/10 1:59 p.m. · 71 views

CVE-2018-20321

This CVE (CVE-2018-20321) affects Rancher 2.x (through 2.1.5). A project member with access to the default namespace can mount the kubernetes default service account in a pod and use it to run privileged commands against the Kubernetes cluster. The documented mitigation is to isolate the default ...

CVSS: 9 · AI score: 8.7 · EPSS: 0.00442
Exploits: 0 · References: 2 · Affected Software: 1

Positive Technologies
added 2019/04/10 12:00 a.m. · 3 views

PT-2019-10045 · Rancher · Rancher

Name of the Vulnerable Software and Affected Versions: Rancher versions 2.0.0 through 2.1.5 Description: An issue allows project members with access to the default namespace to execute administrative privileged commands against the k8s cluster by mounting the netes-default service account in a po...

CVSS: 9 · AI score: 8.5 · EPSS: 0.00442
Exploits: 0 · References: 19