EUVD-2020-3162

Malware in sbrugna...

Oracle Linux 7 : Unbreakable Enterprise kernel-container kata-image kata-runtime kata kubernetes kubernetes istio olcne (ELSA-2020-5765)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5765 advisory. - x86/speculation: Add SRBDS vulnerability and mitigation documentation Mark Gross Orabug: 31446720 CVE-2020-0543 - x86/speculation: Add Special Regist...

CVE-2020-10739

Istio 1.4.x before 1.4.9 and Istio 1.5.x before 1.5.4 contain the following vulnerability when telemetry v2 is enabled: by sending a specially crafted packet, an attacker could trigger a Null Pointer Exception resulting in a Denial of Service. This could be sent to the ingress gateway or a sideca...

Null pointer dereference

Istio 1.4.x before 1.4.9 and Istio 1.5.x before 1.5.4 contain the following vulnerability when telemetry v2 is enabled: by sending a specially crafted packet, an attacker could trigger a Null Pointer Exception resulting in a Denial of Service. This could be sent to the ingress gateway or a sideca...

CVE-2020-10739

CVE-2020-10739 affects Istio 1.4.x prior to 1.4.9 and Istio 1.5.x prior to 1.5.4 when Telemetry v2 is enabled. A specially crafted packet can trigger a Null Pointer Dereference in the ingress gateway or proxy sidecar, causing a Denial of Service. The issue also affects servicemesh-proxy. If Telem...

CVE-2020-10739

A null pointer exception flaw was found in servicemesh-proxy. When running Telemetry v2 not on by default in version 1.4.x, an attacker could send a specially crafted packet to the ingress gateway or proxy sidecar, triggering a denial of service. Mitigation Leave the telemetry reporting in...