Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2024-0389)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2024.0389

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2024-0389)

Resumen: The remote host is missing an update for the 'kubernetes' package(s) announced via the MGASA-2024-0389 advisory.

Descripción: Summary:
The remote host is missing an update for the 'kubernetes' package(s) announced via the MGASA-2024-0389 advisory.

Vulnerability Insight:
A security issue was discovered in Kubernetes where users may be able to
launch containers that bypass the mountable secrets policy enforced by
the ServiceAccount admission plugin when using containers, init
containers, and ephemeral containers with the envFrom field populated.
The policy ensures pods running with a service account may only
reference secrets specified in the service account's secrets field.
Kubernetes clusters are only affected if the ServiceAccount admission
plugin and the kubernetes.io/enforce-mountable-secrets annotation are
used together with containers, init containers, and ephemeral containers
with the envFrom field populated. CVE-2024-3177
The Kubernetes kubelet component allows arbitrary command execution via
specially crafted gitRepo volumes. CVE-2024-10220

Affected Software/OS:
'kubernetes' package(s) on Mageia 9.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2024-10220
Common Vulnerability Exposure (CVE) ID: CVE-2024-3177
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WL54MTLGMTBZZO5PYGEGEBERTMADC4WC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/
https://github.com/kubernetes/kubernetes/issues/124336
https://groups.google.com/g/kubernetes-security-announce/c/JxjHf7fkVd8/m/oVCzypyOAQAJ
http://www.openwall.com/lists/oss-security/2024/04/16/4

Copyright Copyright (C) 2024 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2024.0389
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2024-0389)
Resumen:	The remote host is missing an update for the 'kubernetes' package(s) announced via the MGASA-2024-0389 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kubernetes' package(s) announced via the MGASA-2024-0389 advisory. Vulnerability Insight: A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures pods running with a service account may only reference secrets specified in the service account's secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with containers, init containers, and ephemeral containers with the envFrom field populated. CVE-2024-3177 The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes. CVE-2024-10220 Affected Software/OS: 'kubernetes' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-10220 Common Vulnerability Exposure (CVE) ID: CVE-2024-3177 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WL54MTLGMTBZZO5PYGEGEBERTMADC4WC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://github.com/kubernetes/kubernetes/issues/124336 https://groups.google.com/g/kubernetes-security-announce/c/JxjHf7fkVd8/m/oVCzypyOAQAJ http://www.openwall.com/lists/oss-security/2024/04/16/4
Copyright	Copyright (C) 2024 Greenbone AG