Mailinglist Archive: opensuse-factory (188 mails)

< Previous Next >
Re: [opensuse-factory] K8s vulnerability
On Tue, Dec 04, 2018 at 08:52:30PM +0100, Liam Proven wrote:
I have only seen this in a Twitter post so far, and it sounds quite
nasty so I thought I'd bring it to wider attention.

https://twitter.com/IanColdwater/status/1069710608340275201

«
More info on CVE-2018-1002105. Recently disclosed Kubernetes
vulnerability allows all users, authenticated and unauthenticated,
backdoor administrative access to the API server, including the
kubelet...and it can't easily be detected in logs.
»

https://github.com/kubernetes/kubernetes/issues/71411

https://www.suse.com/de-de/security/cve/CVE-2018-1002105/
https://bugzilla.suse.com/show_bug.cgi?id=1118260

Ciao, Marcus
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
References