10 matches found
EUVD-2020-12581
Malware in sbrugna...
CVE-2020-1750
A flaw was found in the machine-config-operator that causes an OpenShift node to become unresponsive when a container consumes a large amount of memory. An attacker could use this flaw to deny access to schedule new pods in the OpenShift cluster. This was fixed in openshift/machine-config-operato...
CVE-2020-1750
A flaw was found in the machine-config-operator that causes an OpenShift node to become unresponsive when a container consumes a large amount of memory. An attacker could use this flaw to deny access to schedule new pods in the OpenShift cluster. This was fixed in openshift/machine-config-operato...
Code injection
A flaw was found in the machine-config-operator that causes an OpenShift node to become unresponsive when a container consumes a large amount of memory. An attacker could use this flaw to deny access to schedule new pods in the OpenShift cluster. This was fixed in openshift/machine-config-operato...
CVE-2020-1750
CVE-2020-1750 affects the OpenShift machine-config-operator. A memory stress scenario could render a node unresponsive and block scheduling of new pods. Affected releases were fixed in openshift/machine-config-operator versions 4.4.3, 4.3.25, and 4.2.36. Remediation is to upgrade to one of these ...
CVE-2020-35514
An insecure modification flaw in the /etc/kubernetes/kubeconfig file was found in OpenShift. This flaw allows an attacker with access to a running container which mounts /etc/kubernetes or has local access to the node, to copy this kubeconfig file and attempt to add their own node to the OpenShif...
Insecure Permissions
github.com/openshift/machine-config-operator uses insecure file permissions. The permissions of the file /etc/kubernetes/kubeconfig is overly permissive. An attacker with access to a running container that mounts /etc/kubernetes or has local access to the node will be able to copy the kubeconfig...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.3.25 security update
Red Hat OpenShift Container Platform release 4.3.25 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.4.3 ose-machine-config-operator-container security update
An update for ose-machine-config-operator-container is now available for Red Hat OpenShift Container Platform 4.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
CVE-2020-1750
A flaw was found in the machine-config-operator that causes an OpenShift node to become unresponsive when a container consumes a large amount of memory. An attacker could use this flaw to deny access to schedule new pods in the OpenShift cluster...