Lucene search
K

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/02/28 11:11 a.m.49 views

Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a CRI-O security vulnerability (CVE-2022-0532)

Summary Red Hat OpenShift on IBM Cloud is affected by a security vulnerability in CRI-O that could allow a remote authenticated attacker to bypass security restrictions, caused by improper sysctls validation. Vulnerability Details CVEID: CVE-2022-0532 Description: CRI-O could allow a remote...

4.9CVSS4.8AI score0.00768EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/03/23 12:0 a.m.48 views

RHEL 7 / 8 : OpenShift Container Platform 4.6.56 (RHSA-2022:0866)

The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0866 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

9CVSS7.7AI score0.18561EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2022/03/23 12:0 a.m.44 views

RHEL 7 / 8 : OpenShift Container Platform 4.7.45 (RHSA-2022:0870)

The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0870 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

9CVSS7.7AI score0.18561EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2022/02/09 11:15 p.m.9 views

CVE-2022-0532

An incorrect sysctls validation vulnerability was found in CRI-O 1.18 and earlier. The sysctls from the list of "safe" sysctls specified for the cluster will be applied to the host if an attacker is able to create a pod with a hostIPC and hostNetwork kernel namespace...

4.9CVSS5.7AI score0.00768EPSS
Exploits0References3
NVD
NVD
added 2022/02/09 11:15 p.m.34 views

CVE-2022-0532

An incorrect sysctls validation vulnerability was found in CRI-O 1.18 and earlier. The sysctls from the list of "safe" sysctls specified for the cluster will be applied to the host if an attacker is able to create a pod with a hostIPC and hostNetwork kernel namespace...

4.9CVSS0.00768EPSS
Exploits0References2
CVE
CVE
added 2022/02/09 10:5 p.m.243 views

CVE-2022-0532

According to IBM’s security bulletin on CVE-2022-0532, Red Hat OpenShift on IBM Cloud is affected by a CRI-O vulnerability (CVE-2022-0532) caused by improper sysctls validation. A remote authenticated attacker could abuse hostIPC/hostNetwork to apply cluster-safe sysctls to the host, bypassing re...

4.9CVSS4AI score0.00768EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder