One Article Review
| Source |  Vuln GCP |
|---|---|
| Identifiant | 8296077 |
| Date de publication | 2022-12-21 17:12:56 (vue: 2022-12-30 21:12:37) |
| Titre | GCP-2022-025 (Recyclage) |
| Texte | Published: 2022-12-21Description Description Severity Notes A new vulnerability (CVE-2022-2602) has been discovered in the io_uring subsystem in the Linux kernel that can allow an attacker to potentially execute arbitrary code. For instructions and more details, see the following bulletins: GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2022-2602 |
| Notes | ★★★ |
| Envoyé | Oui |
| Condensat | 025 2022 21description 2602 allow and anthos arbitrary attacker aws azure bare been bulletin bulletins: can clusters code cve description details discovered execute following for gcp gke has high instructions kernel linux metal more new notes potentially published: security see severity subsystem that the uring vmware vulnerability |
| Tags | Vulnerability |
| Stories | |
| Move | 
|
Les reprises de l'article (1):
| Source | Vuln GCP |
|---|---|
| Identifiant | 8296080 |
| Date de publication | 2022-12-21 17:12:56 (vue: 2022-12-30 21:12:37) |
| Titre | GCP-2022-022 (Recyclage) |
| Texte | Published: 2022-10-28Updated: 2022-12-14Description
Description
Severity
Notes
2022-12-14 Update: Added patch versions for GKE and Anthos clusters on VMware. A new vulnerability, CVE-2022-20409, has been discovered in the Linux kernel that could allow an unprivileged user to escalate to system execution privilege. For instructions and more details, see the following bulletins: GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2022-20409 |
| Notes | ★★★ |
| Envoyé | Oui |
| Condensat | 022 14description 2022 20409 28updated: added allow and anthos aws azure bare been bulletin bulletins: clusters could cve description details discovered escalate execution following for gcp gke has high instructions kernel linux metal more new notes patch privilege published: security see severity system that the unprivileged update: user versions vmware vulnerability |
| Tags | |
| Stories | |
| Move |
|
L'article ressemble à 3 autre(s) article(s):
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
|
2022-12-21 17:12:56 | (Déjà vu) GCP-2022-021 (lien direct) | Published: 2022-10-27Updated: 2022-12-15Description Description Severity Notes 2022-12-15 Update: Updated information that version 1.21.14-gke.9400 of Google Kubernetes Engine is pending rollout and may be superseded by a higher version number. 2022-11-22 Update: Added patch versions for Anthos clusters on VMware, Anthos clusters on AWS, and Anthos on Azure. A new vulnerability, CVE-2022-3176, has been discovered in the Linux kernel that can lead to local privilege escalation. This vulnerability allows an unprivileged user to achieve full container breakout to root on the node. For instructions and more details, see the following bulletins: GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2022-3176 | Vulnerability Guideline | Uber | ★★★ |
|
2022-12-21 17:12:56 | (Déjà vu) GCP-2022-022 (lien direct) | Published: 2022-10-28Updated: 2022-12-14Description Description Severity Notes 2022-12-14 Update: Added patch versions for GKE and Anthos clusters on VMware. A new vulnerability, CVE-2022-20409, has been discovered in the Linux kernel that could allow an unprivileged user to escalate to system execution privilege. For instructions and more details, see the following bulletins: GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2022-20409 | ★★★ | ||
|
2022-12-21 17:12:56 | (Déjà vu) GCP-2022-012 (lien direct) | Published: 2022-04-07 Updated: 2022-11-22Description Description Severity Notes 2022-11-22 Update: For GKE clusters in both modes, Standard and Autopilot, workloads using GKE Sandbox are unaffected. A security vulnerability, CVE-2022-0847, has been discovered in the Linux kernel version 5.8 and later that can potentially escalate container privileges to root. This vulnerability affects the following products: GKE node pool versions 1.22 and later that use Container-Optimized OS images (Container-Optimized OS 93 and later) Anthos clusters on VMware v1.10 for Container-Optimized OS images Anthos clusters on AWS v1.21 and Anthos clusters on AWS (previous generation) v1.19, v1.20, v1.21, which use Ubuntu Managed clusters of Anthos on Azure v1.21 which use Ubuntu For instructions and more details, see the following security bulletins: GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2022-0847 | Vulnerability | Uber | ★★★ |