The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Kubernetes

vulnerability alert CVE-2017-16997

glibc: code execution via RPATH

Synthesis of the vulnerability

An attacker can exploit a vulnerability in glibc via RPATH in order to run code.
Impacted products: Fedora, Kubernetes, openSUSE Leap, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: user access/rights.
Provenance: document.
Creation date: 15/01/2018.
Identifiers: CVE-2017-16997, FEDORA-2018-7714b514e2, FEDORA-2018-8e27ad96ed, openSUSE-SU-2018:0089-1, RHSA-2018:3092-01, SUSE-SU-2018:0074-1, USN-3534-1, VIGILANCE-VUL-25041.


computer vulnerability note CVE-2017-15670

glibc: memory leak via glob

Synthesis of the vulnerability

An attacker can create a memory leak via glob() in glibc in order to trigger a denial of service.
Impacted products: Fedora, Kubernetes, openSUSE Leap, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Creation date: 15/01/2018.
Identifiers: CVE-2017-15670, FEDORA-2018-8e27ad96ed, openSUSE-SU-2018:0089-1, RHSA-2018:0805-01, RHSA-2018:1879-01, SUSE-SU-2018:0074-1, SUSE-SU-2018:2185-1, SUSE-SU-2018:2187-1, SUSE-SU-2018:2883-1, USN-3534-1, VIGILANCE-VUL-25039.


vulnerability note CVE-2017-1000408

glibc: memory leak via LD_HWCAP_MASK

Synthesis of the vulnerability

An attacker can create a memory leak via LD_HWCAP_MASK in glibc in order to trigger a denial of service.
Impacted products: Fedora, Kubernetes, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 1/4.
Consequences: denial of service on service, denial of service on client.
Provenance: user shell.
Creation date: 03/01/2018.
Identifiers: CVE-2017-1000408, FEDORA-2017-828f8a8fc6, openSUSE-SU-2018:0089-1, SUSE-SU-2018:0074-1, USN-3534-1, VIGILANCE-VUL-24924.


computer vulnerability bulletin CVE-2017-15804

glibc: buffer overflow via User Names Unescaping

Synthesis of the vulnerability

An attacker can trigger a buffer overflow via User Names Unescaping in glibc in order to cause a denial of service, and possibly to run code.
Impacted products: Fedora, Kubernetes, openSUSE Leap, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: user shell.
Creation date: 20/12/2017.
Identifiers: CVE-2017-15804, FEDORA-2017-fb5e227432, openSUSE-SU-2018:0089-1, RHSA-2018:0805-01, RHSA-2018:1879-01, SUSE-SU-2018:0074-1, SUSE-SU-2018:2185-1, SUSE-SU-2018:2187-1, SUSE-SU-2018:2883-1, USN-3534-1, VIGILANCE-VUL-24838.


computer vulnerability CVE-2017-13704 CVE-2017-14491 CVE-2017-14492

Dnsmasq: seven vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Dnsmasq.
Impacted products: ArubaOS, Debian, Dnsmasq, Fedora, Android OS, Kubernetes, openSUSE Leap, pfSense, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Synology DS***, Synology RS***, Ubuntu.
Severity: 4/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 7.
Creation date: 02/10/2017.
Identifiers: ARUBA-PSA-2017-005, CERTFR-2017-AVI-329, CVE-2017-13704, CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, DLA-1124-1, DSA-3989-1, FEDORA-2017-24f067299e, FEDORA-2017-515264ae24, openSUSE-SU-2017:2633-1, OSSN/OSSN-0082, RHSA-2017:2836-01, RHSA-2017:2837-01, RHSA-2017:2838-01, RHSA-2017:2839-01, RHSA-2017:2840-01, RHSA-2017:2841-01, SSA:2017-275-01, SUSE-SU-2017:2616-1, SUSE-SU-2017:2617-1, SUSE-SU-2017:2619-1, Synology-SA-17:59, USN-3430-1, USN-3430-2, USN-3430-3, VIGILANCE-VUL-24005, VU#973527.


vulnerability bulletin CVE-2017-1000117

Git: code execution via ssh

Synthesis of the vulnerability

An attacker can exploit a vulnerability in Git via ssh in order to run code.
Impacted products: Debian, Fedora, Kubernetes, openSUSE Leap, Solaris, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Ubuntu, Unix (platform) ~ not comprehensive.
Severity: 3/4.
Consequences: user access/rights.
Provenance: internet server.
Creation date: 11/08/2017.
Identifiers: bulletinjul2017, CVE-2017-1000117, DLA-1068-1, DSA-3934-1, FEDORA-2017-8ba7572cfd, FEDORA-2017-b1b3ae6666, openSUSE-SU-2017:2182-1, openSUSE-SU-2017:2331-1, RHSA-2017:2484-01, RHSA-2017:2485-01, RHSA-2017:2491-01, SSA:2017-223-01, SUSE-SU-2017:2225-1, SUSE-SU-2017:2320-1, Synology-SA-17:41, USN-3387-1, VIGILANCE-VUL-23503.


computer vulnerability CVE-2017-1000366

glibc: privilege escalation via Setuid Stack

Synthesis of the vulnerability

An attacker can bypass restrictions via Setuid Stack in glibc in order to escalate their privileges.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, Junos Space, Kubernetes, McAfee Web Gateway, openSUSE Leap, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Ubuntu, Unix (platform) ~ not comprehensive.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Creation date: 20/06/2017.
Revision date: 29/06/2017.
Identifiers: CERTFR-2017-AVI-238, CERTFR-2017-AVI-365, CVE-2017-1000366, DLA-992-1, DSA-3887-1, FEDORA-2017-698daef73c, FEDORA-2017-79414fefa1, FEDORA-2017-d80ab96e61, JSA10824, JSA10826, JSA10917, K20486351, openSUSE-SU-2017:1629-1, RHSA-2017:1479-01, RHSA-2017:1480-01, RHSA-2017:1481-01, SB10205, SSA:2017-181-01, SUSE-SU-2017:1611-1, SUSE-SU-2017:1614-1, SUSE-SU-2017:1619-1, SUSE-SU-2017:1621-1, Synology-SA-17:22, USN-3323-1, USN-3323-2, VIGILANCE-VUL-23005.


vulnerability note CVE-2017-7507

GnuTLS: denial of service via TLS

Synthesis of the vulnerability

An attacker can send malicious TLS packets to GnuTLS, in order to trigger a denial of service.
Impacted products: Debian, Fedora, Kubernetes, openSUSE Leap, Solaris, RHEL, Ubuntu.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: document.
Creation date: 12/06/2017.
Identifiers: bulletinjul2017, CVE-2017-7507, DSA-3884-1, FEDORA-2017-7936341c80, FEDORA-2017-f0d48eabe6, FEDORA-2017-f646217583, openSUSE-SU-2017:1875-1, RHSA-2017:2292-01, USN-3318-1, VIGILANCE-VUL-22944.


computer vulnerability note CVE-2017-6512

Perl File-Path: permission tampering

Synthesis of the vulnerability

A local attacker can create a symbolic link in order to change the access rights of the file it points to, with the privileges of the process using the Perl module File::Path.
Impacted products: Debian, Fedora, Kubernetes, OpenBSD, openSUSE Leap, Solaris, Ubuntu.
Severity: 2/4.
Consequences: privileged access/rights.
Provenance: user shell.
Creation date: 06/06/2017.
Identifiers: bulletinjan2019, CVE-2017-6512, DLA-978-1, DSA-3873-1, FEDORA-2017-212f07c853, FEDORA-2017-4e981a51e6, FEDORA-2017-dd42592f9a, openSUSE-SU-2017:3101-1, USN-3625-1, USN-3625-2, VIGILANCE-VUL-22899.


computer vulnerability CVE-2015-8270 CVE-2015-8271 CVE-2015-8272

rtmpdump: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of rtmpdump.
Impacted products: Debian, Kubernetes, Ubuntu.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 3.
Creation date: 26/04/2017.
Identifiers: CVE-2015-8270, CVE-2015-8271, CVE-2015-8272, DLA-917-1, DSA-3850-1, USN-3283-1, USN-3283-2, VIGILANCE-VUL-22555.

Description of the vulnerability

Several vulnerabilities were announced in rtmpdump.

An attacker can trigger a fatal error via AMF3ReadString, in order to trigger a denial of service. [severity:2/4; CVE-2015-8270]

An attacker can use a vulnerability via AMF3_Decode(), in order to run code. [severity:2/4; CVE-2015-8271]

An attacker can trigger a fatal error via rtmpsrv, in order to trigger a denial of service. [severity:2/4; CVE-2015-8272]