RHEL 8 : booth (RHSA-2024:3658)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3658 advisory. The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inpu...
RHEL 9 : booth (RHSA-2024:3660)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3660 advisory. The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inpu...
Sail Further with Wiz Cost Optimization for Amazon EKS
Learn how Wiz's latest feature identifies outdated EKS clusters, helping organizations save millions on cloud spend. Find out how to optimize costs and reinvest savings in strategic initiatives...
Chinese State-Backed Cyber Espionage Targets Southeast Asian Government
An unnamed high-profile government organization in Southeast Asia emerged as the target of a "complex, long-running" Chinese state-sponsored cyber espionage operation codenamed Crimson Palace. "The overall goal behind the campaign was to maintain access to the target network for cyberespionage in...
SUSE CVE-2023-2728
Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account's secrets field...
ALSA-2024:3008 Important: pmix security update
The Process Management Interface (PMI) provides process management functions for MPI implementations. PMI Exascale (PMIx) provides an extended version of the PMI standard specifically designed to support clusters up to and including exascale sizes. Security Fixes: pmix: race condition allows attacker...
BIT-CILIUM-OPERATOR-2024-28249
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...
Important: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.12.2 security update
An update is now available for Red Hat OpenShift GitOps v1.12.2 for Argo CD UI and Console Plugin. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available f...
Bitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal Proceeds
A forensic analysis of a graph dataset containing transactions on the Bitcoin blockchain has revealed clusters associated with illicit activity and money laundering, including detecting criminal proceeds sent to a crypto exchange and previously unknown wallets belonging to a Russian darknet marke...
Important: Red Hat Security Advisory: pmix security update
An update for pmix is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
ALSA-2024:2199 Important: pmix security update
The Process Management Interface (PMI) provides process management functions for MPI implementations. PMI Exascale (PMIx) provides an extended version of the PMI standard specifically designed to support clusters up to and including exascale sizes. Security Fixes: pmix: race condition allows attacker...
Important: pmix security update
The Process Management Interface (PMI) provides process management functions for MPI implementations. PMI Exascale (PMIx) provides an extended version of the PMI standard specifically designed to support clusters up to and including exascale sizes. Security Fixes: pmix: race condition allows attacker...
Security Bulletin: IBM Cloud Kubernetes Service is affected by a Kubernetes API server security vulnerability (CVE-2024-3177)
Summary: IBM Cloud Kubernetes Service is affected by a security vulnerability in the Kubernetes API server that may allow mountable secret policy enforcement to be bypassed during pod admission (CVE-2024-3177). Vulnerability Details: CVEID: CVE-2024-3177. Description: Kubernetes kube-apiserver could...
Fedora 40 : kubernetes (2024-ce2eefc399)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-ce2eefc399 advisory. Update Kubernetes to v1.29.4 for Fedora 40. Resolves CVE-2024-3177: Bypassing mountable secrets policy imposed by the ServiceAccount admission plugi...
GHSA-F9XF-JQ4J-VQW4 Rancher does not properly specify ApiGroup when creating Kubernetes RBAC resources
A vulnerability was discovered in Rancher versions 2.0 through the aforementioned fixed versions, where users were granted access to resources regardless of the resource's API group. For example Rancher should have allowed users access to apps.catalog.cattle.io, but instead incorrectly gave acces...
Rancher does not properly specify ApiGroup when creating Kubernetes RBAC resources
A vulnerability was discovered in Rancher versions 2.0 through the aforementioned fixed versions, where users were granted access to resources regardless of the resource's API group. For example Rancher should have allowed users access to apps.catalog.cattle.io, but instead incorrectly gave acces...
Virtuozzo Hybrid Infrastructure 6.1 Hotfix 2 (6.1.0-251)
This update provides stability improvements. Vulnerability id: VSTOR-84476 Fixed iSCSI persistent reservations. Vulnerability id: VSTOR-84499 Load balancer members get the "Unhealthy" status after upgrading from 6.0 to 6.1. Vulnerability id: VSTOR-84646 Fixed a memory issue for NFS clusters with...
Low: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.8 Operator enhancement and security update
Red Hat Single Sign-On 7.6.8 Operator enhancement and security update. This is an enhancement and security update with Low impact rating and package name 'rh-sso7-keycloak'. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
GO-2024-2656 Unencrypted traffic between nodes with IPsec in github.com/cilium/cilium
In Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, traffic that should be IPsec-encrypted between a node's Envoy proxy and pods on other nodes is sent unencrypted, and traffic that should be IPsec-encrypted between a node's DNS proxy and pods on other nodes is sent...
PT-2024-29172 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A slab-out-of-bounds issue has been resolved in the Linux kernel, specifically in the ext4 file system. This issue can be triggered by setting an oversized value for s_mb_group_preallo...