Source |
Vuln GCP |
Identifiant |
8296099 |
Date de publication |
2022-12-21 17:12:56 (vue: 2022-12-30 21:12:37) |
Titre |
GCP-2022-002 |
Texte |
Published:Updated:Description
Description
Severity
Notes
2022-02-25 Update: The GKE versions have been updated. For instructions and more details, see the: GKE security bulletin 2022-02-23 Update: The GKE and Anthos clusters on VMware versions have been updated. For instructions and more details, see the: GKE security bulletin
Anthos clusters on VMware security bulletin 2022-02-04 Update: The rollout start date for GKE patch versions was February 2. Note: Your clusters might not have these versions available immediately. Rollouts began on February 2 and take four or more business days to be completed across all Google Cloud zones. Three security vulnerabilities, CVE-2021-4154, CVE-2021-22600, and CVE-2022-0185, have been discovered in the Linux kernel, each of which can lead to either a container breakout, privilege escalation on the host, or both. These vulnerabilities affect all node operating systems (COS and Ubuntu) on GKE, Anthos clusters on VMware, Anthos clusters on AWS (current and previous generation), and Anthos on Azure. Pods using GKE Sandbox are not vulnerable to these vulnerabilities. See the COS release notes for more details. For instructions and more details, see the: GKE security bulletin
Anthos clusters on VMware security bulletin
High
CVE-2021-4154
CVE-2021-22600
CVE-2022-0185
|
Envoyé |
Oui |
Condensat |
002 0185 2021 2022 22600 4154 across affect all and anthos are available aws azure been began both breakout bulletin business can cloud clusters completed container cos current cve date days description details discovered each either escalation february for four gcp generation gke google have high host immediately instructions kernel lead linux might more node not note: notes operating patch pods previous privilege published:updated:description release rollout rollouts sandbox security see severity start systems take the the: these three ubuntu update: updated using versions vmware vulnerabilities vulnerable was which your zones |
Tags |
Guideline
|
Stories |
Uber
|
Notes |
★★★
|
Move |
|