SB2020042706 - OpenSUSE Linux update for kubernetes
Published: April 27, 2020 Updated: December 15, 2022
Description
This security bulletin contains information about 7 security vulnerabilities.
1) Privilege escalation (CVE-ID: CVE-2016-5195)
The vulnerability allows a local user to obtain elevated privileges on the target system. The weakness is due to a race condition in the kernel memory subsystem in the management of copy-on-write operations on read-only memory mappings that lets attackers overwrite kernel memory and gain kernel-level privileges.
Successful exploitation of the vulnerability results in the attacker gaining root privileges on the vulnerable system.
Note: the vulnerability was being actively exploited.
2) Integer overflow (CVE-ID: CVE-2016-8859)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to an integer overflow when processing a large number of states or tags. A remote attacker can pass specially crafted data to the application, trigger the integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
3) Information disclosure (CVE-ID: CVE-2017-1002101)
The vulnerability allows a remote authenticated attacker to obtain potentially sensitive information on the target system. The weakness exists due to improper security restrictions when using subpath volume mounts with any volume type. A remote attacker can gain unauthorized access to files and directories.
4) Privilege escalation (CVE-ID: CVE-2018-1002105)
The vulnerability allows a remote attacker to gain elevated privileges on the target system. The weakness exists due to an error when handling proxy requests. With a specially crafted request, users that are authorized to establish a connection through the Kubernetes API server to a backend server can then send arbitrary requests over the same connection directly to that backend, authenticated with the Kubernetes API server's TLS credentials used to establish the backend connection.
5) Command injection (CVE-ID: CVE-2018-16873)
The vulnerability allows a remote attacker to execute arbitrary commands on the target system.
The vulnerability exists in the go get command when it is given the import path of a malicious Go package, or of a package that imports it directly or indirectly. A remote unauthenticated attacker can use a vanity import path that ends with "/.git" and use custom domains to arrange things so that a Git repository is cloned to a folder named ".git". This tricks the victim into considering the parent directory as a repository root and running Git commands on it that use the "config" file in the original Git repository root for configuration. If that config file contains malicious commands, the attacker can execute arbitrary code on the system running "go get -u".
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
6) Path traversal (CVE-ID: CVE-2018-16874)
The vulnerability allows a remote attacker to conduct a directory traversal attack on the target system.
The vulnerability exists in the go get command due to path traversal when the affected software executes the go get command with the import path of a Go package that contains curly braces. A remote unauthenticated attacker can trick the victim into accessing a Go package that submits malicious input when the go get command is executed and conduct a directory traversal attack, which the attacker can use to execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
7) Cleartext transmission of sensitive information (CVE-ID: CVE-2019-10214)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists because the containers/image library does not enforce TLS connections by default. A remote attacker able to perform a MitM attack can gain access to sensitive information.
Remediation
Install update from vendor's website.
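Until the update is installed, dependency lists can be reviewed for the import-path shapes described in items 5 and 6. The following Go program is an added example, not code from this bulletin or from the Go project. Its function names and sample paths are assumptions made for illustration, and it flags ".git" as any whole path element, which is broader than the "ends with /.git" case described above.

```go
package main

import (
	"fmt"
	"strings"
)

// Finding is one import path that matched a pattern from items 5 or 6.
type Finding struct{ Path, Reason string }

// checkImportPath returns the reasons an import path deserves review.
// It matches whole path elements, so "repo.git" and ".github" pass.
func checkImportPath(p string) []string {
	var reasons []string
	for _, elem := range strings.Split(p, "/") {
		if elem == ".git" {
			reasons = append(reasons, `path element ".git" (item 5, CVE-2018-16873)`)
			break
		}
	}
	if strings.ContainsAny(p, "{}") {
		reasons = append(reasons, "curly brace in path (item 6, CVE-2018-16874)")
	}
	return reasons
}

// auditList checks a whitespace-separated list of import paths, such as
// the output of `go list -deps ./...`.
func auditList(list string) []Finding {
	var out []Finding
	for _, p := range strings.Fields(list) {
		for _, r := range checkImportPath(p) {
			out = append(out, Finding{p, r})
		}
	}
	return out
}

// Constructed sample input; the example.test paths are placeholders.
const sample = `example.test/ok/errors
example.test/team/lib/.git
example.test/a/{b}/c
example.test/x/repo.git/pkg
example.test/y/.github/tool`

func main() {
	for _, f := range auditList(sample) {
		fmt.Printf("%s: %s\n", f.Path, f.Reason)
	}
}
```

A match is a prompt for manual review of the dependency, not proof that it is malicious.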