Bug 2227126 (CVE-2023-3676) - CVE-2023-3676 kubernetes: Insufficient input sanitization on Windows nodes leads to privilege escalation
Keywords:
Status: NEW
Alias: CVE-2023-3676
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 2227127
Reported: 2023-07-28 04:46 UTC by Avinash Hanwate
Modified: 2023-11-27 16:08 UTC

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A vulnerability was found in Kubernetes. This flaw allows a user who can create pods on Windows nodes to escalate to admin privileges on those nodes.
Clone Of:
Environment:
Last Closed:
Embargoed:




Links
System | ID | Private | Priority | Status | Summary | Last Updated
Red Hat Product Errata | RHSA-2023:4777 | 0 | None | None | None | 2023-08-28 15:26:49 UTC
Red Hat Product Errata | RHSA-2023:4780 | 0 | None | None | None | 2023-08-28 17:53:28 UTC
Red Hat Product Errata | RHSA-2023:4835 | 0 | None | None | None | 2023-08-29 09:24:55 UTC
Red Hat Product Errata | RHSA-2023:4885 | 0 | None | None | None | 2023-08-30 16:34:24 UTC
Red Hat Product Errata | RHSA-2023:7515 | 0 | None | None | None | 2023-11-27 16:08:40 UTC

Description Avinash Hanwate 2023-07-28 04:46:13 UTC
A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes.

Any Kubernetes environment with Windows nodes is impacted. Run kubectl get nodes -l kubernetes.io/os=windows to see if any Windows nodes are in use.

Comment 3 errata-xmlrpc 2023-08-28 15:26:48 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.12

Via RHSA-2023:4777 https://access.redhat.com/errata/RHSA-2023:4777

Comment 4 errata-xmlrpc 2023-08-28 17:53:27 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.11

Via RHSA-2023:4780 https://access.redhat.com/errata/RHSA-2023:4780

Comment 5 errata-xmlrpc 2023-08-29 09:24:54 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.10

Via RHSA-2023:4835 https://access.redhat.com/errata/RHSA-2023:4835

Comment 6 errata-xmlrpc 2023-08-30 16:34:23 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.13

Via RHSA-2023:4885 https://access.redhat.com/errata/RHSA-2023:4885

Comment 7 errata-xmlrpc 2023-11-27 16:08:38 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.14

Via RHSA-2023:7515 https://access.redhat.com/errata/RHSA-2023:7515

