27 matches found
Unity Linux 20.1050e / 20.1070e Security Update: kubernetes (UTSA-2026-016823)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016823 advisory. A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching...
CVE-2026-23326 xsk: Fix fragment node deletion to prevent buffer leak
In the Linux kernel, the following vulnerability has been resolved: xsk: Fix fragment node deletion to prevent buffer leak After commit b692bf9a7543 "xsk: Get rid of xdpbuffxsk::xskblistnode", the listnode field is reused for both the xskb pool list and the buffer free list, this causes a buffer...
EUVD-2017-16784
Malware in sbrugna...
Privilege Escalation
Kubernetes is vulnerable to Privilege Escalation. The vulnerability is due to improper access control because node users can patch their node object with an OwnerReference to a cluster-scoped resource, leading to unintended node deletion via garbage collection...
GO-2025-3915 Kubernetes Nodes can delete themselves by adding an OwnerReference in k8s.io/kubernetes
Kubernetes Nodes can delete themselves by adding an OwnerReference in k8s.io/kubernetes...
OESA-2025-2284 kubernetes security update
Container cluster management. Security Fixes: A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference...
OESA-2025-2283 kubernetes security update
Container cluster management. Security Fixes: A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference...
OESA-2025-2280 kubernetes security update
Container cluster management. Security Fixes: A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference...
Pixar OpenUSD Sdf_PathNode Module Use-After-Free Vulnerability Leading to Potential Remote Code Execution
Summary A Use-After-Free UAF vulnerability has been discovered in the SdfPathNode module of the Pixar OpenUSD library. This issue occurs during the deletion of the SdfPrimPathNode object in multi-threaded environments, where freed memory is accessed. This results in segmentation faults or bus...
SUSE CVE-2025-5187
A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...
Kubernetes Nodes can delete themselves by adding an OwnerReference
A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...
CVE-2025-5187
A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...
DEBIAN-CVE-2025-5187
A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...
CVE-2025-5187
A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...
CVE-2025-5187
CVE-2025-5187 is a Kubernetes NodeRestriction vulnerability: node users can delete their own node object by patching an OwnerReference to a cluster-scoped resource, leading to potential node deletion if the OwnerReference resource is missing or GC removes it. The IBM bulletin notes this CVE (alon...
CVE-2025-5187 Nodes can delete themselves by adding an OwnerReference
A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...
CVE-2025-5187
A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...
Fedora 41 : kubernetes1.33 (2025-51e8d5ec56)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-51e8d5ec56 advisory. - Update to release v1.33.4 - Resolves: rhbz2388412 - Fixes CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference - Upstream fixes Tenable h...
CVE-2024-53171
CVE-2024-53171 affects the Linux kernel ubifs authentication path. The published details describe a use-after-free in ubifs_tnc_end_commit arising when a node’s znode->parent changes due to a tree split, while the node’s znode->cparent may still point to freed memory after deletions. The is...
CVE-2021-28674
The node management page in SolarWinds Orion Platform before 2020.2.5 HF1 allows an attacker to create or delete a node outside of the attacker's perimeter via an account with write permissions. This occurs because node IDs are predictable with incrementing numbers and the access control on...