Back to bug 2215555
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Guilherme de Almeida Suckevicz | 2023-06-16 13:59:47 UTC | Depends On | 2215556 | |
| Guilherme de Almeida Suckevicz | 2023-06-16 14:00:31 UTC | Blocks | 2215557 | |
| Guilherme de Almeida Suckevicz | 2023-06-16 14:03:52 UTC | Depends On | 2215560, 2215561, 2215559 | |
| Avinash Hanwate | 2023-06-20 15:21:07 UTC | CC | adudiak, dfreiber, jburrell, kshier, rogbas, stcannon, tfister, vkumar | |
| CC | amctagga, aveerama, dhughes, dsimansk, dymurray, eglynn, ellin, jjoyce, jmatthew, lball, lhh, matzew, mburns, mgarciac, muagarwa, nbecker, nobody, ocs-bugs, pgrist, rgarg, rhos-maint, rhuss, rjohnson, scorneli, shbose, skontopo, ubhargav, whayutin | |||
| TEJ RATHI | 2023-06-28 09:37:05 UTC | CC | jchaloup | |
| TEJ RATHI | 2023-06-28 09:38:41 UTC | CC | jchaloup | |
| Avinash Hanwate | 2023-07-03 05:43:33 UTC | Doc Text | A flaw was found in the Kubernetes. Kubernetes could allow a local authenticated attacker to bypass security restrictions, caused by a flaw when using localhost type for seccomp profile but specify an empty profile field. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass the seccomp profile enforcement. | |
| Summary | TRIAGE-CVE-2023-2431 kubernetes: Bypass of seccomp profile enforcement | CVE-2023-2431 kubernetes: Bypass of seccomp profile enforcement | ||
| Alias | TRIAGE-CVE-2023-2431 | CVE-2023-2431 | ||
| Avinash Hanwate | 2023-07-03 05:52:25 UTC | Depends On | 2219241, 2219239, 2219238, 2219240, 2219242 | |
| Avinash Hanwate | 2023-07-03 06:19:51 UTC | Depends On | 2219260 | |
| RaTasha Tillery-Smith | 2023-07-03 12:23:12 UTC | Doc Text | A flaw was found in the Kubernetes. Kubernetes could allow a local authenticated attacker to bypass security restrictions, caused by a flaw when using localhost type for seccomp profile but specify an empty profile field. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass the seccomp profile enforcement. | A flaw was found in Kubernetes. This issue occurs when Kubernetes allows a local authenticated attacker to bypass security restrictions, caused by a flaw when using the localhost type for a seccomp profile but specifying an empty profile field. An attacker can bypass the seccomp profile enforcement by sending a specially crafted request. |
| Red Hat Bugzilla | 2023-07-07 08:28:00 UTC | Assignee | security-response-team | nobody |
| Red Hat Bugzilla | 2023-08-03 08:28:04 UTC | CC | ocs-bugs | |
| Borja Tarraso | 2023-08-09 06:23:31 UTC | CC | davidn, epacific, jcammara, jneedle, jobarker, mabashia, osapryki, smcdonal, teagle, zsadeh |
Back to bug 2215555