Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-12-21 17:12:56 |
(Déjà vu) GCP-2022-012 (lien direct) |
Published: 2022-04-07 Updated: 2022-11-22Description
Description
Severity
Notes
2022-11-22 Update: For GKE clusters in both modes, Standard and Autopilot, workloads using GKE Sandbox are unaffected. A security vulnerability, CVE-2022-0847, has been discovered in the Linux kernel version 5.8 and later that can potentially escalate container privileges to root. This vulnerability affects the following products: GKE node pool versions 1.22 and later that use Container-Optimized OS images (Container-Optimized OS 93 and later)
Anthos clusters on VMware v1.10 for Container-Optimized OS images
Anthos clusters on AWS v1.21 and Anthos clusters on AWS (previous generation) v1.19, v1.20, v1.21, which use Ubuntu
Managed clusters of Anthos on Azure v1.21 which use Ubuntu For instructions and more details, see the following security bulletins: GKE security bulletin
Anthos clusters on VMware security bulletin
Anthos clusters on AWS security bulletin
Anthos on Azure security bulletin
Anthos on bare metal security bulletin
High
CVE-2022-0847
|
Vulnerability
|
Uber
|
★★★
|