CVE-2023-2431

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-2431

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-2431.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-2431

Aliases

Related

Published

2023-06-16T08:15:08Z

Modified

2024-12-12T16:15:07Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined (seccomp disabled) mode. This bug affects Kubelet.

References

Affected packages

Debian:11 / kubernetes

Package

Name: kubernetes
Purl: pkg:deb/debian/kubernetes?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.20.5+really1.20.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / kubernetes

Package

Name: kubernetes
Purl: pkg:deb/debian/kubernetes?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.20.5+really1.20.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/kubernetes/kubelet

Affected ranges

Type: GIT
Repo: https://github.com/kubernetes/kubelet
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

e222ce84c343045e6a50a93a3a71b4d94c72e141