www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-05-17T06:27:11+00:00 www.secnews.physaphae.fr
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2024-023 Anthos Service Mesh Security Bulletin. High CVE-2024-27919 CVE-2024-30255 CVE-2024-32475 CVE-2023-45288
Published: 2024-04-24
Description: The following CVEs expose Anthos Service Mesh to exploitable vulnerabilities: CVE-2024-27919: HTTP/2: memory exhaustion due to CONTINUATION frame flood. CVE-2024-30255: HTTP/2: CPU exhaustion due to CONTINUATION frame flood. CVE-2024-32475: Abnormal termination when using 'auto_sni' with ':authority' header longer than 255 characters. CVE-2023-45288: HTTP/2 CONTINUATION frames can be utilized for DoS attacks. For instructions and more details, see the Anthos Service Mesh security bulletin.
Severity: High
Notes: CVE-2024-27919 CVE-2024-30255 CVE-2024-32475 CVE-2023-45288
2024-04-24T21:21:38+00:00 https://cloud.google.com/support/bulletins/index#gcp-2024-023 www.secnews.physaphae.fr/article.php?IdArticle=8488219 False Vulnerability,Cloud None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2024-022 GKE security bulletin GKE on VMware security bulletin GKE on AWS security bulletin GKE on Azure security bulletin GKE on Bare Metal security bulletin High CVE-2023-45288
Published: 2024-04-03
Description: A Denial-of-Service (DoS) vulnerability (CVE-2023-45288) was recently discovered in multiple implementations of the HTTP/2 protocol, including the golang HTTP server used by Kubernetes. The vulnerability could lead to a DoS of the Google Kubernetes Engine (GKE) control plane. For instructions and more details, see the following bulletins: GKE security bulletin, GKE on VMware security bulletin, GKE on AWS security bulletin, GKE on Azure security bulletin, GKE on Bare Metal security bulletin.
Severity: High
Notes: CVE-2023-45288
2024-04-03T21:22:02+00:00 https://cloud.google.com/support/bulletins/index#gcp-2024-022 www.secnews.physaphae.fr/article.php?IdArticle=8475489 False Vulnerability,Cloud None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2024-021 CVE-2024-3094, which affects versions 5.6.0 and 5.6.1 of the xz-utils package in the liblzma library, and could lead to the compromise of the OpenSSH utility. For more details, see the
2024-04-03T16:47:44+00:00 https://cloud.google.com/support/bulletins/index#gcp-2024-021 www.secnews.physaphae.fr/article.php?IdArticle=8475344 False Cloud None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2024-020 CVE-2023-48022) in
2024-04-02T17:03:04+00:00 https://cloud.google.com/support/bulletins/index#gcp-2024-020 www.secnews.physaphae.fr/article.php?IdArticle=8474728 False Vulnerability,Threat,Cloud None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2024-016
2024-03-05T23:25:43+00:00 https://cloud.google.com/support/bulletins/index#gcp-2024-016 www.secnews.physaphae.fr/article.php?IdArticle=8459564 False Vulnerability None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2024-009 AMD-SN-3007. Moderate CVE-2023-31346 CVE-2023-31347
Published: 2024-02-13
Description: On February 13, 2024, AMD disclosed two vulnerabilities affecting SEV-SNP on EPYC CPUs based on third generation "Milan" and fourth generation "Genoa" Zen cores. The vulnerabilities allow privileged attackers to access stale data from guests or cause a loss of guest integrity. Google has applied fixes to affected assets, including Google Cloud, to ensure customers are protected. At this time, no evidence of exploitation has been found or reported to Google. What should I do? No customer action is required. Fixes have already been applied to the Google server fleet for Google Cloud, including Compute Engine. For more information, see AMD security advisory AMD-SN-3007.
Severity: Moderate
Notes: CVE-2023-31346 CVE-2023-31347
2024-02-13T17:28:33+00:00 https://cloud.google.com/support/bulletins/index#gcp-2024-009 www.secnews.physaphae.fr/article.php?IdArticle=8449654 False Vulnerability,Cloud None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2024-008 GKE security bulletin GKE on VMware security bulletin GKE on AWS security bulletin GKE on Azure security bulletin GKE on Bare Metal security bulletin High CVE-2023-5528
Published: 2024-02-12
Description: CVE-2023-5528 allows an attacker to create pods and persistent volumes on Windows nodes in a way that enables admin privilege escalation on those nodes. For instructions and more details, see the following bulletins: GKE security bulletin, GKE on VMware security bulletin, GKE on AWS security bulletin, GKE on Azure security bulletin, GKE on Bare Metal security bulletin.
Severity: High
Notes: CVE-2023-5528
2024-02-12T22:37:28+00:00 https://cloud.google.com/support/bulletins/index#gcp-2024-008 www.secnews.physaphae.fr/article.php?IdArticle=8449404 False Cloud None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2024-007 Anthos Service Mesh security bulletin. High CVE-2024-23322 CVE-2024-23323 CVE-2024-23324 CVE-2024-23325 CVE-2024-23327
Published: 2024-02-08
Description: The following CVEs expose Anthos Service Mesh to exploitable vulnerabilities: CVE-2024-23322: Envoy crashes when idle and requests per try timeout occur within the backoff interval. CVE-2024-23323: Excessive CPU usage when URI template matcher is configured using regex. CVE-2024-23324: External authorization can be bypassed when Proxy protocol filter sets invalid UTF-8 metadata. CVE-2024-23325: Envoy crashes when using an address type that isn't supported by the OS. CVE-2024-23327: Crash in proxy protocol when command type is LOCAL. For instructions and more details, see the Anthos Service Mesh security bulletin.
Severity: High
Notes: CVE-2024-23322 CVE-2024-23323 CVE-2024-23324 CVE-2024-23325 CVE-2024-23327
2024-02-08T23:50:05+00:00 https://cloud.google.com/support/bulletins/index#gcp-2024-007 www.secnews.physaphae.fr/article.php?IdArticle=8448233 False Vulnerability,Cloud None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2024-006 target endpoint or target server, the proxy does not perform hostname validation for the certificate presented by the target endpoint or target server by default. If hostname validation is not enabled using one of the following options, Apigee proxies connecting to a target endpoint or target server may be at risk for a man-in-the-middle attack by an authorized user. For more information, see Configuring TLS from Edge to the backend (Cloud and Private Cloud). For instructions and more details, see the Apigee security bulletin. High
Published: 2024-02-5
Description: When an Apigee API Management proxy connects to a target endpoint or target server, the proxy does not perform hostname validation for the certificate presented by the target endpoint or target server by default. If hostname validation is not enabled using one of the following options, Apigee proxies connecting to a target endpoint or target server may be at risk for a man-in-the-middle attack by an authorized user. For more information, see Configuring TLS from Edge to the backend (Cloud and Private Cloud). For instructions and more details, see the Apigee security bulletin.
Severity: High
2024-02-05T21:06:18+00:00 https://cloud.google.com/support/bulletins/index#gcp-2024-006 www.secnews.physaphae.fr/article.php?IdArticle=8447039 False Cloud None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2024-005 GKE security bulletin GKE on VMware security bulletin GKE on AWS security bulletin GKE on Azure security bulletin GKE on Bare Metal security bulletin High CVE-2024-21626
Published: 2024-01-31
Description: A security vulnerability, CVE-2024-21626, has been discovered in runc where a user with permission to create Pods on Container-Optimized OS and Ubuntu nodes might be able to gain full access to the node filesystem. For instructions and more details, see the following bulletins: GKE security bulletin, GKE on VMware security bulletin, GKE on AWS security bulletin, GKE on Azure security bulletin, GKE on Bare Metal security bulletin.
Severity: High
Notes: CVE-2024-21626
2024-01-31T20:08:14+00:00 https://cloud.google.com/support/bulletins/index#gcp-2024-005 www.secnews.physaphae.fr/article.php?IdArticle=8445314 False Vulnerability,Cloud None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2024-003 not recommended, as they violate the principle of least privilege and grant access to very large groups of users. See guidance under 'What should I do' for instructions on how to find these types of bindings. For instructions and more details, see the following bulletins: GKE security bulletin Medium
Published: 2024-01-19
Description: We have identified several clusters where users have granted Kubernetes privileges to the system:authenticated group, which includes all users with a Google account. These types of bindings are not recommended, as they violate the principle of least privilege and grant access to very large groups of users. See guidance under 'What should I do' for instructions on how to find these types of bindings. For instructions and more details, see the following bulletins: GKE security bulletin.
Severity: Medium
2024-01-20T01:07:13+00:00 https://cloud.google.com/support/bulletins/index#2024-003 www.secnews.physaphae.fr/article.php?IdArticle=8440836 False Cloud None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2024-001
2024-01-17T18:46:13+00:00 https://cloud.google.com/support/bulletins/index#gcp-2024-001 www.secnews.physaphae.fr/article.php?IdArticle=8440046 False Vulnerability None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-049 GKE security bulletin GKE on VMware security bulletin GKE on AWS security bulletin GKE on Azure security bulletin GKE on Bare Metal security bulletin High CVE-2023-3090
Published: 2023-12-20
Description: The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes. CVE-2023-3090 For instructions and more details, see the following bulletins: GKE security bulletin, GKE on VMware security bulletin, GKE on AWS security bulletin, GKE on Azure security bulletin, GKE on Bare Metal security bulletin.
Severity: High
Notes: CVE-2023-3090
2023-12-20T18:06:55+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-049 www.secnews.physaphae.fr/article.php?IdArticle=8426268 False Vulnerability,Cloud None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-048 GKE security bulletin GKE on VMware security bulletin GKE on AWS security bulletin GKE on Azure security bulletin GKE on Bare Metal security bulletin High CVE-2023-3390
Published: 2023-12-15
Description: The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes. CVE-2023-3390 For instructions and more details, see the following bulletins: GKE security bulletin, GKE on VMware security bulletin, GKE on AWS security bulletin, GKE on Azure security bulletin, GKE on Bare Metal security bulletin.
Severity: High
Notes: CVE-2023-3390
2023-12-15T13:31:44+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-048 www.secnews.physaphae.fr/article.php?IdArticle=8423323 False Vulnerability,Cloud None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-047 GKE security bulletin GKE on VMware security bulletin GKE on AWS security bulletin GKE on Azure security bulletin GKE on Bare Metal security bulletin Medium
Published: 2023-12-14
Description: An attacker who has compromised the Fluent Bit logging container could combine that access with high privileges required by Anthos Service Mesh (on clusters that have enabled it) to escalate privileges in the cluster. For instructions and more details, see the following bulletins: GKE security bulletin, GKE on VMware security bulletin, GKE on AWS security bulletin, GKE on Azure security bulletin, GKE on Bare Metal security bulletin.
Severity: Medium
2023-12-14T17:28:06+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-047 www.secnews.physaphae.fr/article.php?IdArticle=8422756 False Cloud None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-042
2023-11-22T18:13:21+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-042 www.secnews.physaphae.fr/article.php?IdArticle=8416165 False None None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-046
2023-11-22T18:13:21+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-046 www.secnews.physaphae.fr/article.php?IdArticle=8416163 False None None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-041
2023-11-22T18:13:21+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-041 www.secnews.physaphae.fr/article.php?IdArticle=8416166 False None None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-039
2023-11-22T18:13:21+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-039 www.secnews.physaphae.fr/article.php?IdArticle=8416168 False None None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-040
2023-11-22T18:13:21+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-040 www.secnews.physaphae.fr/article.php?IdArticle=8416167 False None None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-038
2023-11-22T18:13:21+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-038 www.secnews.physaphae.fr/article.php?IdArticle=8416169 False None None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-037
2023-11-22T18:13:21+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-037 www.secnews.physaphae.fr/article.php?IdArticle=8416170 False None None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-045 GKE security bulletin GKE on VMware security bulletin GKE on AWS security bulletin GKE on Azure security bulletin Google Distributed Cloud Virtual for Bare Metal security bulletin High CVE-2023-5197
Published: 2023-11-20
Description: The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes. CVE-2023-5197 For instructions and more details, see the following bulletins: GKE security bulletin, GKE on VMware security bulletin, GKE on AWS security bulletin, GKE on Azure security bulletin, Google Distributed Cloud Virtual for Bare Metal security bulletin.
Severity: High
Notes: CVE-2023-5197
2023-11-22T18:13:21+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-045 www.secnews.physaphae.fr/article.php?IdArticle=8416164 False None None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-044 Moderate CVE-2022-23820 CVE-2021-46774 CVE-2023-20533 CVE-2023-20519 CVE-2023-20592 CVE-2023-20566 CVE-2022-23830 CVE-2023-20526 CVE-2021-26345
Published: 2023-11-15
Description: On November 14, AMD disclosed multiple vulnerabilities that impact various AMD server CPUs. Specifically, the vulnerabilities impact EPYC Server CPUs leveraging Zen core generation 2 "Rome," gen 3 "Milan," and gen 4 "Genoa." Google has applied fixes to affected assets, including Google Cloud, to ensure customers are protected. At this time, no evidence of exploitation has been found or reported to Google. What should I do? No customer action is required. Fixes have already been applied to the Google server fleet for Google Cloud, including Google Compute Engine. What vulnerabilities are being addressed? The patch mitigated the following vulnerabilities: CVE-2022-23820 CVE-2021-46774 CVE-2023-20533 CVE
2023-11-15T19:19:05+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-044 www.secnews.physaphae.fr/article.php?IdArticle=8412584 False Vulnerability,Cloud None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-043
2023-11-13T22:41:17+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-043 www.secnews.physaphae.fr/article.php?IdArticle=8411982 False Vulnerability,Cloud None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-036
2023-10-31T04:09:51+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-036 www.secnews.physaphae.fr/article.php?IdArticle=8403578 False Vulnerability,Cloud None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-035
2023-10-26T21:15:33+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-035 www.secnews.physaphae.fr/article.php?IdArticle=8401077 False Vulnerability None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-034
2023-10-25T16:51:37+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-034 www.secnews.physaphae.fr/article.php?IdArticle=8400200 False Vulnerability None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-033
2023-10-24T15:45:52+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-033 www.secnews.physaphae.fr/article.php?IdArticle=8399779 False Vulnerability None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-032
2023-10-13T18:59:51+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-032 www.secnews.physaphae.fr/article.php?IdArticle=8395291 False Vulnerability None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-031
2023-10-10T18:03:39+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-031 www.secnews.physaphae.fr/article.php?IdArticle=8393933 False None None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-030
2023-10-10T17:37:33+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-030 www.secnews.physaphae.fr/article.php?IdArticle=8393870 False Vulnerability Uber None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-029
2023-10-04T22:04:01+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-029 www.secnews.physaphae.fr/article.php?IdArticle=8392291 False Vulnerability None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-028
2023-09-20T00:56:28+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-028 www.secnews.physaphae.fr/article.php?IdArticle=8385936 False Vulnerability,Cloud None None
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-026 GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2023-3676, CVE-2023-3955, CVE-2023-3893
Published: 2023-09-06
Description: Three vulnerabilities (CVE-2023-3676, CVE-2023-3955, CVE-2023-3893) have been discovered in Kubernetes where a user that can create Pods on Windows nodes may be able to escalate to admin privileges on those nodes. These vulnerabilities affect the Windows versions of Kubelet and the Kubernetes CSI proxy. For instructions and more details, see the following bulletins: GKE security bulletin, Anthos clusters on VMware security bulletin, Anthos clusters on AWS security bulletin, Anthos on Azure security bulletin, Anthos on bare metal security bulletin.
Severity: High
Notes: CVE-2023-3676, CVE-2023-3955, CVE-2023-3893
2023-09-06T17:35:09+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-026 www.secnews.physaphae.fr/article.php?IdArticle=8379787 False Vulnerability Uber 2.0000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-025
2023-08-09T00:33:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-025 www.secnews.physaphae.fr/article.php?IdArticle=8367788 False Cloud None 1.00000000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-024 Intel Security Advisory INTEL-SA-00828. High CVE-2022-40982
Published: 2023-08-08
Description: Intel disclosed a vulnerability in select processors (CVE-2022-40982). Google has taken steps to mitigate its server fleet, including Google Cloud, to ensure customers are protected. The vulnerability details: CVE-2022-40982 (Intel IPU 2023.3, "GDS" aka "Downfall") What should I do? No customer action is required. All available patches have already been applied to the Google server fleet for Google Cloud, including Google Compute Engine. At this time, the following products require additional updates from partners and vendors: Google Cloud VMware Engine, Google Distributed Cloud Hosted, Google Distributed Cloud Edge, Google Cloud Bare Metal Solution, Evolved Packet Core. Google will remediate these products once these patches have been made available, and this bulletin will be updated accordingly. Google Chromebook and ChromeOS Flex customers automatically received the Intel provided mitigations in Stable (115), Beta (116), and LTC (114). Chromebook and ChromeOS Flex customers pinned to an older release should consider unpinning and moving to Stable or LTS releases to ensure they receive this and other vulnerability fixes. What vulnerabilities are being addressed? CVE-2022-40982 - For more information, see Intel Security Advisory INTEL-SA-00828.
Severity: High
Notes: CVE-2022-409
2023-08-08T16:41:49+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-024 www.secnews.physaphae.fr/article.php?IdArticle=8367404 False Vulnerability,Cloud None 1.00000000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-023 AMD SB-7005. Moderate CVE-2023-20569
Published: 2023-08-08
Description: AMD disclosed a vulnerability in select processors (CVE-2023-20569). Google has taken steps to mitigate its server fleet, including Google Cloud, to ensure customers are protected. The vulnerability details: CVE-2023-20569 (AMD SB-7005 aka "Inception") What should I do? Users of Compute Engine VMs should consider OS provided mitigations if using intra-instance untrusted code execution. We recommend that customers contact their OS vendors for more specific guidance. Fixes have already been applied to the Google server fleet for Google Cloud, including Google Compute Engine. What vulnerabilities are being addressed? CVE-2023-20569 - For more information, see AMD SB-7005.
Severity: Moderate
Notes: CVE-2023-20569
2023-08-08T16:02:27+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-023 www.secnews.physaphae.fr/article.php?IdArticle=8367369 False Vulnerability None 2.0000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-022 CVE-2023-33953
Published: 2023-08-03
Description: Google identified a vulnerability in gRPC C++ Implementations prior to the 1.57 release. This was a Denial-of-Service vulnerability within gRPC's C++ implementation. These have been fixed in the 1.53.2, 1.54.3, 1.55.2, 1.56.2, and 1.57 releases. What should I do? Ensure that you're using the latest versions of the following software packages: gRPC (C++, Python, Ruby) versions 1.53, 1.54, 1.55, and 1.56 need to upgrade to the following patch releases: 1.53.2 1.54.3 1.55.2 1.56.2 gRPC (C++, Python, Ruby) versions 1.52 and earlier need to upgrade to one of the approved patch releases. For example, 1.53.2, 1.54.3, 1.53.4, etc. What vulnerabilities are being addressed? These patches mitigate the following vulnerabilities: Denial-of-Service vulnerability in gRPC C++ implementations: Specially crafted requests can cause a termination of connection between a proxy and a backend.
Severity: High
Notes: CVE-2023-33953
2023-08-03T17:39:00+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-022 www.secnews.physaphae.fr/article.php?IdArticle=8365455 False Vulnerability None 2.0000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-021
2023-07-26T16:11:06+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-021 www.secnews.physaphae.fr/article.php?IdArticle=8361791 False Vulnerability None 1.00000000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-020
2023-07-24T20:14:21+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-020 www.secnews.physaphae.fr/article.php?IdArticle=8360913 False Vulnerability,Cloud None 2.0000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-019
2023-07-18T17:27:52+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-019 www.secnews.physaphae.fr/article.php?IdArticle=8358421 False Vulnerability None 2.0000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-018
2023-06-27T14:55:00+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-018 www.secnews.physaphae.fr/article.php?IdArticle=8349769 True Vulnerability Uber 2.0000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-016 GCP-2023-002. For instructions and more details, see the following bulletins: GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2023-27496, CVE-2023-27488, CVE-2023-27493, CVE-2023-27492, CVE-2023-27491, CVE-2023-27487
Published: 2023-06-26
Description: A number of vulnerabilities have been discovered in Envoy, which is used in Anthos Service Mesh, that allow a malicious attacker to cause a denial of service or crash Envoy. These were reported separately as GCP-2023-002. For instructions and more details, see the following bulletins: GKE security bulletin, Anthos clusters on VMware security bulletin, Anthos clusters on AWS security bulletin, Anthos on Azure security bulletin, Anthos on bare metal security bulletin.
Severity: High
Notes: CVE-2023-27496, CVE-2023-27488, CVE-2023-27493, CVE-2023-27492,
2023-06-26T18:49:48+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-016 www.secnews.physaphae.fr/article.php?IdArticle=8349434 False None None 2.0000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-017
2023-06-26T18:49:48+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-017 www.secnews.physaphae.fr/article.php?IdArticle=8349433 False Vulnerability Uber 2.0000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-015 twice and cause a struct file refcount issue. GKE clusters, including Autopilot clusters, with Container-Optimized OS using Linux Kernel version 5.15 are affected. GKE clusters using Ubuntu images or using GKE Sandbox are unaffected. For instructions and more details, see the following bulletins: GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin Medium CVE-2023-0468
Published: 2023-06-20
Description: A new vulnerability, CVE-2023-0468, has been discovered in the Linux kernel that could allow an unprivileged user to escalate privileges to root when io_poll_get_ownership will keep increasing req->poll_refs on every io_poll_wake then overflow to 0 which will fput req->file twice and cause a struct file refcount issue. GKE clusters, including Autopilot clusters, with Container-Optimized OS using Linux Kernel version 5.15 are affected. GKE clusters using Ubuntu images or using GKE Sandbox are unaffected. For instructions and more details, see the following bulletins: GKE security bulletin, Anthos clusters on VMware security bulletin, Anthos clusters on AWS security bulletin, Anthos on Azure security bulletin, Anthos on bare metal security bulletin.
Severity: Medium
Notes: CVE-2023-0468
2023-06-20T15:06:21+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-015 www.secnews.physaphae.fr/article.php?IdArticle=8347468 False None None 2.0000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-009 GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin None CVE-2023-2878
Published: 2023-06-06
Description: A new vulnerability (CVE-2023-2878) has been discovered in the secrets-store-csi-driver where an actor with access to the driver logs could observe service account tokens. For instructions and more details, see the following bulletins: GKE security bulletin, Anthos clusters on VMware security bulletin, Anthos clusters on AWS security bulletin, Anthos on Azure security bulletin, Anthos on bare metal security bulletin.
Severity: None
Notes: CVE-2023-2878
2023-06-20T15:06:21+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-009 www.secnews.physaphae.fr/article.php?IdArticle=8347469 False Vulnerability None 2.0000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-014
2023-06-15T19:06:42+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-014 www.secnews.physaphae.fr/article.php?IdArticle=8345868 False None Uber 2.0000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-013 Cloud Build Security Bulletin. Low
Published: 2023-06-08
Description: When you enable the Cloud Build API in a project, Cloud Build automatically creates a default service account to execute builds on your behalf. This Cloud Build service account previously had the logging.privateLogEntries.list IAM permission, which allowed builds to have access to list private logs by default. This permission has now been revoked from the Cloud Build service account to adhere to the security principle of least privilege. For instructions and more details, see the Cloud Build security bulletin.
Severity: Low
2023-06-15T19:06:42+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-013 www.secnews.physaphae.fr/article.php?IdArticle=8345869 False Cloud None 2.0000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-010 CVE-2023-1428, CVE-2023-32731 and CVE-2023-32732. In April, we identified two vulnerabilities in versions 1.53 and 1.54. One was a denial-of-service vulnerability in gRPC's C++ implementation and the other was a remote data exfiltration vulnerability. These were fixed in 1.53.1, 1.54.2 and later versions. Previously, in March, our internal teams discovered a denial-of-service vulnerability in gRPC's C++ implementation while performing routine fuzzing activities. It was found in gRPC version 1.52, and was fixed in versions 1.52.2 and 1.53. What should I do? Make sure that you are using the latest versions of the following software packages: gRPC (C++, Python, Ruby) versions 1.52, 1.53 and 1.54 need to upgrade to the following patch releases: 1.52.2 1.53.1 1.54.2 gRPC (C++, Python, Ruby) versions 1.51 and earlier are not affected, so users with these versions need take no action. What vulnerabilities are addressed by these patches? These patches mitigate the following vulnerabilities: 1.53.1, 1.54.2 and later versions address the following: Denial-of-service vulnerability in the gRPC C++ implementation. Specially crafted requests can cause a termination of the connection between a proxy and a backend. Remote data exfiltration vulnerability: Desynchronization in the HPACK table due to header size limitations can result in proxy backends leaking header data from other clients connected to a proxy. 1.52.2, 1.53, and later versions address the following: Denial-of-service vulnerability in gRPC's C++ implementation. Parsing certain specifically formed requests can lead to a crash impacting a server.
We recommend upgrading to the latest versions of the following software packages as indicated above. High (CVE-2023-1428, CVE-2023-32731). Medium (CVE-2023-32732) CVE-2023-1428, CVE-2023-32731, CVE-2023-32732
Published: 2023-06-07 Description Severity Notes Google identified three new vulnerabilities in the gRPC C++ implementation. These will be published soon publicly as CVE-2023-1428, CVE-2023-32731 and ]]>
2023-06-07T21:21:27+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-010 www.secnews.physaphae.fr/article.php?IdArticle=8343150 False Vulnerability None 2.0000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-008 GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2023-1872
Published: 2023-06-05Description Description Severity Notes A new vulnerability (CVE-2023-1872) has been discovered in the Linux kernel that can lead to a privilege escalation to root on the node. For instructions and more details, see the following bulletins: GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2023-1872 ]]>
2023-06-05T19:44:44+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-008 www.secnews.physaphae.fr/article.php?IdArticle=8342288 False Vulnerability None 2.0000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-007 2023-06-02T20:21:30+00:00 https://cloud.google.com/support/bulletins/index#GCP-2023-001 www.secnews.physaphae.fr/article.php?IdArticle=8341646 False Vulnerability,Patching,Cloud None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-005 2023-05-18T15:08:09+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-005 www.secnews.physaphae.fr/article.php?IdArticle=8337680 False None None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-004 2023-04-26T22:23:09+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-004 www.secnews.physaphae.fr/article.php?IdArticle=8331412 False Vulnerability None 2.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-003 2023-04-11T15:31:45+00:00 https://cloud.google.com/support/bulletins/index#gcp-YYYY-NNN www.secnews.physaphae.fr/article.php?IdArticle=8326689 False None None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-002 2023-04-04T20:19:30+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-002 www.secnews.physaphae.fr/article.php?IdArticle=8324883 False Vulnerability None 2.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2023-001 GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2022-4696 ]]> 2023-03-01T20:25:32+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-001 www.secnews.physaphae.fr/article.php?IdArticle=8314759 True Vulnerability,Guideline None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-026 GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin Medium CVE-2022-3786 CVE-2022-3602 ]]> 2023-01-11T22:15:53+00:00 
https://cloud.google.com/support/bulletins/index#gcp-2022-026 www.secnews.physaphae.fr/article.php?IdArticle=8300309 False None None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-002 GKE security bulletin 2022-02-23 Update: The GKE and Anthos clusters on VMware versions have been updated. For instructions and more details, see the: GKE security bulletin Anthos clusters on VMware security bulletin
2022-02-04 Update: The rollout start date for GKE patch versions was February 2. Note: Your clusters might not have these versions available immediately. Rollouts began on February 2 and take four or more business days to be completed across all Google Cloud zones.
Three security vulnerabilities, CVE-2021-4154, CVE-2021-22600, and CVE-2022-0185, have been discovered in the Linux kernel, each of which can lead to either a container breakout, privilege escalation on the host, or both. These vulnerabilities affect all node operating systems (COS and Ubuntu) on GKE, Anthos clusters on VMware, Anthos clusters on AWS (current and previous generation), and Anthos on Azure. Pods using GKE Sandbox are not vulnerable to these vulnerabilities. See the COS release notes for more details. For instructions and more details, see the: GKE security bulletin Anthos clusters on VMware security bulletin High CVE-2021-4154 CVE-2021-22600 CVE-2022-0185 ]]>
2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-002 www.secnews.physaphae.fr/article.php?IdArticle=8296099 False Guideline Uber 3.0000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-005 GKE security bulletin Anthos clusters on VMware security bulletin Anthos on Azure security bulletin Medium CVE-2021-43527 ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-005 www.secnews.physaphae.fr/article.php?IdArticle=8296097 False None None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-007 Anthos Service Mesh security bulletin. Istio on GKE security bulletin. High CVE-2022-23635 CVE-2021-43824 CVE-2021-43825 CVE-2021-43826 CVE-2022-21654 CVE-2022-21655 CVE-2022-23606 ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-007 www.secnews.physaphae.fr/article.php?IdArticle=8296095 False None None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-014 GKE Sandbox are unaffected.
2022-05-12 Update: The Anthos clusters on AWS and Anthos on Azure versions have been updated. For instructions and more details, see the: Anthos clusters on AWS security bulletin Anthos on bare metal security bulletin
Two security vulnerabilities, CVE-2022-1055 and CVE-2022-27666 have been discovered in the Linux kernel. Each can lead to a local attacker being able to perform a container breakout, privilege escalation on the host, or both. These vulnerabilities affect all GKE node operating systems (Container-Optimized OS and Ubuntu). For instructions and more details, see the following security bulletins: GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2022-1055 CVE-2022-27666 ]]>
2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-014 www.secnews.physaphae.fr/article.php?IdArticle=8296088 False Guideline Uber 3.0000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-016 Three new memory corruption vulnerabilities (CVE-2022-29581, CVE-2022-29582, CVE-2022-1116) have been discovered in the Linux kernel. These vulnerabilities allow an unprivileged user with local access to the cluster to achieve a full container breakout to root on the node. All Linux clusters (Container-Optimized OS and Ubuntu) are affected. For instructions and more details, refer to the following bulletins: GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2022-29581 CVE-2022-29582 CVE-2022-1116 ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-016 www.secnews.physaphae.fr/article.php?IdArticle=8296086 True None None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-021 A new vulnerability, CVE-2022-3176, has been discovered in the Linux kernel that can lead to local privilege escalation. This vulnerability allows an unprivileged user to achieve full container breakout to root on the node. For instructions and more details, see the following bulletins: GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2022-3176 ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-021 www.secnews.physaphae.fr/article.php?IdArticle=8296081 True Vulnerability,Guideline Uber 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-019 CVE-2022-1941 ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#GCP-2022-019 www.secnews.physaphae.fr/article.php?IdArticle=8296083 False Vulnerability,Guideline None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2021-022 Anthos clusters on VMware security bulletin. 
High ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2021-022 www.secnews.physaphae.fr/article.php?IdArticle=8296102 False Vulnerability None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-006 GKE security bulletin.
2022-05-12 Update: The GKE, Anthos clusters on VMware, Anthos clusters on AWS, and Anthos on Azure versions have been updated. For instructions and more details, see the: GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin
A security vulnerability, CVE-2022-0492, has been discovered in the Linux kernel's cgroup_release_agent_write function. The attack uses unprivileged user namespaces and under certain circumstances this vulnerability can be exploitable for container breakout. Low For instructions and more details, see the: GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin ]]>
2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-006 www.secnews.physaphae.fr/article.php?IdArticle=8296096 False Vulnerability None 3.0000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-009 Vulnerability Reward Program. For instructions and more details, see the GKE security bulletin Low ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-009 www.secnews.physaphae.fr/article.php?IdArticle=8296093 False None None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-025 GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2022-2602 ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-025 www.secnews.physaphae.fr/article.php?IdArticle=8296077 True Vulnerability None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2021-023 VMSA-2021-0020 CVE-2021-22005 CVE-2021-22006 CVE-2021-22007 CVE-2021-22008 CVE-2021-22010 ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2021-023 www.secnews.physaphae.fr/article.php?IdArticle=8296104 False None None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-010 Anthos Service Mesh security bulletin. High CVE-2022-24726 ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#GCP-2022-010 www.secnews.physaphae.fr/article.php?IdArticle=8296092 True None None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-012 GKE Sandbox are unaffected.
A security vulnerability, CVE-2022-0847, has been discovered in the Linux kernel version 5.8 and later that can potentially escalate container privileges to root. This vulnerability affects the following products: GKE node pool versions 1.22 and later that use Container-Optimized OS images (Container-Optimized OS 93 and later) Anthos clusters on VMware v1.10 for Container-Optimized OS images Anthos clusters on AWS v1.21 and Anthos clusters on AWS (previous generation) v1.19, v1.20, v1.21, which use Ubuntu Managed clusters of Anthos on Azure v1.21 which use Ubuntu For instructions and more details, see the following security bulletins: GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2022-0847 ]]>
2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-012 www.secnews.physaphae.fr/article.php?IdArticle=8296090 True Vulnerability Uber 3.0000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-018 A new vulnerability (CVE-2022-2327) has been discovered in the Linux kernel that can lead to local privilege escalation. This vulnerability allows an unprivileged user to achieve a full container breakout to root on the node. For instructions and more details, see the following bulletins: GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2022-2327 ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#GCP-2022-018 www.secnews.physaphae.fr/article.php?IdArticle=8296084 True Vulnerability,Guideline None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-023 GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2022-39278 ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-023 www.secnews.physaphae.fr/article.php?IdArticle=8296079 False None None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-001 CVE-2021-22569 ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-001 www.secnews.physaphae.fr/article.php?IdArticle=8296100 False None None 2.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-008 Anthos clusters on VMware security bulletin.
The Envoy project recently discovered a set of vulnerabilities. All issues listed below are fixed in Envoy release 1.21.1. CVE-2022-23606: When a cluster is deleted via Cluster Discovery Service (CDS) all idle connections established to endpoints in that cluster are disconnected. A recursion was erroneously introduced in Envoy version 1.19 to the procedure of disconnecting idle connections that can lead to stack exhaustion and abnormal process termination when a cluster has a large number of idle connections. CVE-2022-21655: Envoy's internal redirect code assumes that a route entry exists. When an internal redirect is done to a route which has a direct response entry and no route entry, it results in dereferencing a null pointer and crashing. CVE-2021-43826: When Envoy is configured to use tcp_proxy which uses upstream tunneling (over HTTP), and downstream TLS termination, Envoy will crash if the downstream client disconnects during the TLS handshake while the upstream HTTP stream is still being established. The downstream disconnect can be either client or server initiated. The client can disconnect for any reason. The server may disconnect if, for example, it has no TLS ciphers or TLS protocol versions compatible with the client. It may be possible to trigger this crash in other downstream configurations as well. CVE-2021-43825: Sending a locally generated response must stop further processing of request or response data. Envoy tracks the amount of buffered request and response data and aborts the request if the amount of buffered data is over the limit by sending 413 or 500 responses. However when locally generated response is sent because of the internal buffer overflows while response is processed by the filter chain the operation may not be aborted correctly and result in accessing a freed memory block. CVE-2021-43824: Envoy crashes when using the JWT filter with a "safe_regex" match rule and a specially crafted request like "CONNECT host:port HTTP/1.1". 
When reaching the JWT filter, a "safe_regex" rule should evaluate the URL path but there is none here, and Envoy crashes with segfaults. CVE-2022-21654: Envoy would incorrectly allow TLS session resumption after mTLS validation settings had been reconfigured. If a client certificate was allowed with the old configuration but disallowed with the new configuration, the client could resume the previous TLS session even though the current configuration should disallow it. Changes to the following settings are affected: match_subject_alt_names CRL changes allow_expired_certificate Trust_chain_verification only_verify_leaf_cert_crl CVE-2022-21657: Envoy does not restrict the set of certificates it accepts from the peer, either as a TLS client or a TLS ser]]>
2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-008 www.secnews.physaphae.fr/article.php?IdArticle=8296094 False Guideline None 3.0000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-015 Anthos Service Mesh security bulletin.
The following Envoy and Istio CVEs expose Anthos Service Mesh and Istio on GKE to remotely exploitable vulnerabilities: CVE-2022-31045: Istio data plane can potentially access memory unsafely when the Metadata Exchange and Stats extensions are enabled. CVE-2022-29225: Data can exceed intermediate buffer limits if a malicious attacker passes a small highly compressed payload (zip bomb attack). CVE-2021-29224: Potential null pointer dereference in GrpcHealthCheckerImpl. CVE-2021-29226: OAuth filter allows trivial bypass. CVE-2022-29228: OAuth filter can corrupt memory (earlier versions) or trigger an ASSERT() (later versions). CVE-2022-29227: Internal redirects crash for requests with body or trailers. For instructions and more details, see the Anthos Service Mesh security bulletin. Critical CVE-2022-31045 CVE-2022-29225 CVE-2021-29224 CVE-2021-29226 CVE-2022-29228 CVE-2022-29227 ]]>
2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-015 www.secnews.physaphae.fr/article.php?IdArticle=8296087 False None None 3.0000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-017 GKE Sandbox are not affected by these vulnerabilities.
2022-07-21 Update: additional information on Anthos clusters on VMware.
A new vulnerability (CVE-2022-1786) has been discovered in the Linux kernel versions 5.10 and 5.11. This vulnerability allows an unprivileged user with local access to the cluster to achieve a full container breakout to root on the node. Only clusters that run Container-Optimized OS are affected. GKE Ubuntu versions use either version 5.4 or 5.15 of the kernel and are not affected. For instructions and more details, see the: GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2022-1786 ]]>
2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-017 www.secnews.physaphae.fr/article.php?IdArticle=8296085 True Vulnerability Uber 3.0000000000000000
Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2021-020 Backend Service could have been vulnerable to an untrusted party under limited conditions. This addresses an issue reported through our Vulnerability Reward Program. The conditions were that the servers: were HTTP(S) load balancers and used a default backend or a backend that had a wildcard host mapping rule (that is, host="*"). In addition, a user in your organization must have clicked a specifically-crafted link sent by an untrusted party. This issue has now been resolved. IAP has been updated to issue cookies only to authorized hosts as of September 17, 2021. A host is considered authorized if it matches at least one Subject Alternative Name (SAN) in one of the certificates installed on your load balancers. What to do Some of your users may experience an HTTP 401 Unauthorized response with an IAP error code 52 while trying to access apps or services. This error code means that the client sent a Host header which does not match any Subject Alternative Names associated with the load balancer's SSL certificate(s). The load balancer administrator needs to update the SSL certificate to ensure that the Subject Alternative Name (SAN) list contains all the hostnames through which users are accessing the IAP-protected apps or services. Learn more about IAP error codes. High ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2021-020 www.secnews.physaphae.fr/article.php?IdArticle=8296105 False Vulnerability None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-020 Anthos Service Mesh security bulletin.
High CVE-2022-39278 ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#GCP-2022-020 www.secnews.physaphae.fr/article.php?IdArticle=8296082 True None None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-022 A new vulnerability, CVE-2022-20409, has been discovered in the Linux kernel that could allow an unprivileged user to escalate to system execution privilege. For instructions and more details, see the following bulletins: GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2022-20409 ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-022 www.secnews.physaphae.fr/article.php?IdArticle=8296080 True None None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-024 Two new vulnerabilities (CVE-2022-2585 and CVE-2022-2588) have been discovered in the Linux kernel that can lead to a full container break out to root on the node. 
For instructions and more details, see the: GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin High CVE-2022-2585 CVE-2022-2588 ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-024 www.secnews.physaphae.fr/article.php?IdArticle=8296078 True Guideline None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-013 GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on Azure security bulletin Anthos on bare metal security bulletin Medium CVE-2022-23648 ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-013 www.secnews.physaphae.fr/article.php?IdArticle=8296089 False Vulnerability Uber 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-011 There is a misconfiguration with Simultaneous Multi-Threading (SMT), also known as Hyper-threading, on GKE Sandbox images. The misconfiguration leaves nodes potentially exposed to side channel attacks such as Microarchitectural Data Sampling (MDS) (for more context, see GKE Sandbox documentation). We do not recommend using the following affected versions: 1.22.4-gke.1501 1.22.6-gke.300 1.23.2-gke.300 1.23.3-gke.600 For instructions and more details, see the: GKE security bulletin. 
Medium ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-011 www.secnews.physaphae.fr/article.php?IdArticle=8296091 False None Uber 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2021-021 GKE security bulletin Anthos clusters on VMware security bulletin Anthos clusters on AWS security bulletin Anthos on bare metal security bulletin Medium CVE-2020-8561 ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2021-021 www.secnews.physaphae.fr/article.php?IdArticle=8296103 False None Uber 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2022-004 CVE-2021-4034, has been discovered in pkexec, a part of the Linux policy kit package (polkit), that allows an authenticated user to perform a privilege escalation attack. PolicyKit is generally used only on Linux desktop systems to allow non-root users to perform actions such as rebooting the system, installing packages, restarting services etc, as governed by a policy. For instructions and more details, see the: GKE security bulletin Anthos clusters on VMware security bulletin Anthos on Azure security bulletin None CVE-2021-4034 ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-004 www.secnews.physaphae.fr/article.php?IdArticle=8296098 False None None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2021-019 GKE security bulletin. Low ]]> 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2021-019 www.secnews.physaphae.fr/article.php?IdArticle=8296101 False None None 3.0000000000000000