Red Hat OpenShift Container Platform 4 update for machine-config-daemon and openshift



Updated: 2025-04-24
Risk: High
Patch available: YES
Number of vulnerabilities: 3
CVE-ID: CVE-2019-11254, CVE-2020-8558, CVE-2020-8945
CWE-ID: CWE-400, CWE-420, CWE-416
Exploitation vector: Network
Public exploit: N/A

Vulnerable software:

openshift (Red Hat package)
Operating systems & Components / Operating system package or component

machine-config-daemon (Red Hat package)
Operating systems & Components / Operating system package or component

Vendor: Red Hat Inc.

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Resource exhaustion

EUVDB-ID: #VU30318

Risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2019-11254

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.

The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

openshift (Red Hat package): before 4.5.0-202007012112.p0.git.0.582d7fc.el7

machine-config-daemon (Red Hat package): before 4.5.0-202007012112.p0.git.2527.d12c3da.el8

External links

https://access.redhat.com/errata/RHSA-2020:2413


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Unprotected Alternate Channel

EUVDB-ID: #VU103955

Risk: Medium

CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-8558

CWE-ID: CWE-420 - Unprotected Alternate Channel

Exploit availability: No

Description

The vulnerability allows an adjacent attacker to reach TCP and UDP services.

The vulnerability exists because the application does not properly control consumption of internal resources. An adjacent attacker can reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but due to this defect it could be reachable by other hosts on the same LAN as the node, or by containers running on the same node as the service.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

openshift (Red Hat package): before 4.5.0-202007012112.p0.git.0.582d7fc.el7

machine-config-daemon (Red Hat package): before 4.5.0-202007012112.p0.git.2527.d12c3da.el8

External links

https://access.redhat.com/errata/RHSA-2020:2413


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use-after-free

EUVDB-ID: #VU25501

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2020-8945

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise a vulnerable system.

The vulnerability exists due to a use-after-free error, as demonstrated by use for container image pulls by Docker or CRI-O. A remote attacker can crash the target system, or cause potential code execution for Go applications that use this library under certain conditions during GPG signature verification.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

openshift (Red Hat package): before 4.5.0-202007012112.p0.git.0.582d7fc.el7

machine-config-daemon (Red Hat package): before 4.5.0-202007012112.p0.git.2527.d12c3da.el8

External links

https://access.redhat.com/errata/RHSA-2020:2413


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


