One Article Review
| Source |  Vuln GCP |
|---|---|
| Identifiant | 8296091 |
| Date de publication | 2022-12-21 17:12:56 (vue: 2022-12-30 21:12:37) |
| Titre | GCP-2022-011 |
| Texte | Published: 2022-03-22 Updated: 2022-08-11Description
Description
Severity
Update 2022-08-11: Added more information about the Simultaneous Multi-Threading (SMT) configuration. SMT was intended to be disabled, but was enabled on the versions listed. If you manually enabled SMT for a sandboxed node pool, SMT will remain manually enabled despite this issue. There is a misconfiguration with Simultaneous Multi-Threading (SMT), also known as Hyper-threading, on GKE Sandbox images. The misconfiguration leaves nodes potentially exposed to side channel attacks such as Microarchitectural Data Sampling (MDS) (for more context, see GKE Sandbox documentation). We do not recommend using the following affected versions: 1.22.4-gke.1501 1.22.6-gke.300 1.23.2-gke.300 1.23.3-gke.600 For instructions and more details, see the: GKE security bulletin. Medium |
| Envoyé | Oui |
| Condensat | 011 11: 11description 1501 2022 300 600 about added affected also and attacks bulletin but channel configuration context data description despite details disabled documentation enabled exposed following for gcp gke hyper images information instructions intended issue known leaves listed manually mds medium microarchitectural misconfiguration more multi node nodes not pool potentially published: recommend remain sampling sandbox sandboxed security see severity side simultaneous smt such the the: there this threading update updated: using versions versions: was will with you |
| Tags | |
| Stories | Uber |
| Notes | ★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.