One Article Review
| Source |  Vuln GCP |
|---|---|
| Identifiant | 8296078 |
| Date de publication | 2022-12-21 17:12:56 (vue: 2022-12-30 21:12:37) |
| Titre | GCP-2022-024 (Recyclage) |
| Texte | Published: 2022-11-09Updated: 2022-12-16Description
Description
Severity
Notes
2022-12-16 Update: Added patch versions for GKE and Anthos clusters on VMware. Two new vulnerabilities (CVE-2022-2585 and CVE-2022-2588) have been discovered in the Linux kernel that can lead to a full container break out to root on the node. For instructions and more details, see the: GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2022-2585 CVE-2022-2588 |
| Notes | ★★★ |
| Envoyé | Oui |
| Condensat | 024 09updated: 16description 2022 2585 2588 added and anthos aws azure bare been break bulletin can clusters container cve description details discovered for full gcp gke have high instructions kernel lead linux metal more new node notes out patch published: root security see severity that the the: two update: versions vmware vulnerabilities |
| Tags | Guideline |
| Stories | |
| Move | 
|
Les reprises de l'article (1):
| Source | Vuln GCP |
|---|---|
| Identifiant | 8296081 |
| Date de publication | 2022-12-21 17:12:56 (vue: 2022-12-30 21:12:37) |
| Titre | GCP-2022-021 (Recyclage) |
| Texte | Published: 2022-10-27Updated: 2022-12-15Description
Description
Severity
Notes
2022-12-15 Update: Updated information that version 1.21.14-gke.9400 of Google Kubernetes Engine is pending rollout and may be superseded by a higher version number. 2022-11-22 Update: Added patch versions for Anthos clusters on VMware, Anthos clusters on AWS, and Anthos on Azure. A new vulnerability, CVE-2022-3176, has been discovered in the Linux kernel that can lead to local privilege escalation. This vulnerability allows an unprivileged user to achieve full container breakout to root on the node. For instructions and more details, see the following bulletins: GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2022-3176 |
| Notes | ★★★ |
| Envoyé | Oui |
| Condensat | 021 15description 2022 27updated: 3176 9400 achieve added allows and anthos aws azure bare been breakout bulletin bulletins: can clusters container cve description details discovered engine escalation following for full gcp gke google has high higher information instructions kernel kubernetes lead linux local may metal more new node notes number patch pending privilege published: rollout root security see severity superseded that the this unprivileged update: updated user version versions vmware vulnerability |
| Tags | Vulnerability Guideline |
| Stories | Uber |
| Move |
|
L'article ressemble à 1 autre(s) article(s):
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
|
2022-12-21 17:12:56 | (Déjà vu) GCP-2022-018 (lien direct) | Published: 2022-08-01Updated: 2022-09-14Description Description Severity Notes 2022-09-14 Update: Added patch versions for Anthos clusters on VMware, Anthos clusters on AWS, and Anthos on Azure. A new vulnerability (CVE-2022-2327) has been discovered in the Linux kernel that can lead to local privilege escalation. This vulnerability allows an unprivileged user to achieve a full container breakout to root on the node. For instructions and more details, see the following bulletins: GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletinHigh CVE-2022-2327 | Vulnerability Guideline | ★★★ |