Kubernetes Multiple Vulnerabilities
Release Date:
17 Oct 2024
3210
Views
RISK: Medium Risk
TYPE: Operating Systems - Application Platforms
Multiple vulnerabilities were identified in Kubernetes. A remote attacker could exploit some of these vulnerabilities to trigger security restriction bypass and elevation of privilege on the targeted system.
Impact
- Security Restriction Bypass
- Elevation of Privilege
System / Technologies affected
- Kubernetes Image Builder version v0.1.37 or earlier
Solutions
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
- Update to Kubernetes Image Builder v0.1.38 or later
Vulnerability Identifier
Source
Related Link
- https://kubernetes.io/docs/reference/issues-security/official-cve-feed/
- https://discuss.kubernetes.io/t/security-advisory-cve-2024-9486-and-cve-2024-9594-vm-images-built-with-kubernetes-image-builder-use-default-credentials/30119
- https://github.com/kubernetes/kubernetes/issues/128006
- https://github.com/kubernetes/kubernetes/issues/128007
Share with