CVE-2019-14891

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-14891

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-14891.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-14891

Related

Withdrawn

2024-05-15T05:33:13.164644Z

Published

2019-11-25T11:15:11Z

Modified

2023-11-29T07:07:29.245340Z

Severity

5.0 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L CVSS Calculator

Summary

[none]

Details

A flaw was found in cri-o, as a result of all pod-related processes being placed in the same memory cgroup. This can result in container management (conmon) processes being killed if a workload process triggers an out-of-memory (OOM) condition for the cgroup. An attacker could abuse this flaw to get host network access on an cri-o host.

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14891

Affected packages

Git / github.com/cri-o/cri-o

Affected ranges

Type: GIT
Repo: https://github.com/cri-o/cri-o
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

bf8fcf34c942ba973a4f694094b46f914c779c0a

Type: GIT
Repo: https://github.com/kubernetes-incubator/cri-o
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

bf8fcf34c942ba973a4f694094b46f914c779c0a

Affected versions

v0.*

v0.0.0

v0.1

v0.2

v0.3

v1.*

v1.0.0

v1.0.0-alpha.0

v1.0.0-beta.0

v1.0.0-rc1

v1.0.0-rc2

v1.0.0-rc3

v1.16.0

v1.16.0-rc1

v1.16.0-rc2

v1.8.0

v1.9.0-beta.1

v1.9.0-beta.2