One Article Review

Source Vuln GCP
Identifier 8296087
Publication date 2022-12-21 17:12:56 (seen: 2022-12-30 21:12:37)
Title GCP-2022-015
Text Published: 2022-06-09 Updated: 2022-06-10
Description: 2022-06-10 Update: The Anthos Service Mesh versions have been updated. For instructions and more details, see the Anthos Service Mesh security bulletin.
The following Envoy and Istio CVEs expose Anthos Service Mesh and Istio on GKE to remotely exploitable vulnerabilities:
CVE-2022-31045: Istio data plane can potentially access memory unsafely when the Metadata Exchange and Stats extensions are enabled.
CVE-2022-29225: Data can exceed intermediate buffer limits if a malicious attacker passes a small highly compressed payload (zip bomb attack).
CVE-2021-29224: Potential null pointer dereference in GrpcHealthCheckerImpl.
CVE-2021-29226: OAuth filter allows trivial bypass.
CVE-2022-29228: OAuth filter can corrupt memory (earlier versions) or trigger an ASSERT() (later versions).
CVE-2022-29227: Internal redirects crash for requests with body or trailers.
For instructions and more details, see the Anthos Service Mesh security bulletin.
Severity: Critical
Notes: CVE-2022-31045, CVE-2022-29225, CVE-2021-29224, CVE-2021-29226, CVE-2022-29228, CVE-2022-29227
Rating ★★★
Sent Yes


The article does not appear to have been picked up again after its publication.


The article does not appear to be a repost of an earlier one.