6 matches found
Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a CRI-O security vulnerability (CVE-2022-0532)
Summary Red Hat OpenShift on IBM Cloud is affected by a security vulnerability in CRI-O that could allow a remote authenticated attacker to bypass security restrictions, caused by improper sysctls validation. Vulnerability Details CVEID: CVE-2022-0532 Description: CRI-O could allow a remote...
RHEL 7 / 8 : OpenShift Container Platform 4.6.56 (RHSA-2022:0866)
The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0866 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
RHEL 7 / 8 : OpenShift Container Platform 4.7.45 (RHSA-2022:0870)
The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0870 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
CVE-2022-0532
An incorrect sysctls validation vulnerability was found in CRI-O 1.18 and earlier. The sysctls from the list of "safe" sysctls specified for the cluster will be applied to the host if an attacker is able to create a pod with a hostIPC and hostNetwork kernel namespace...
CVE-2022-0532
An incorrect sysctls validation vulnerability was found in CRI-O 1.18 and earlier. The sysctls from the list of "safe" sysctls specified for the cluster will be applied to the host if an attacker is able to create a pod with a hostIPC and hostNetwork kernel namespace...
CVE-2022-0532
According to IBM’s security bulletin on CVE-2022-0532, Red Hat OpenShift on IBM Cloud is affected by a CRI-O vulnerability (CVE-2022-0532) caused by improper sysctls validation. A remote authenticated attacker could abuse hostIPC/hostNetwork to apply cluster-safe sysctls to the host, bypassing re...