github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-21 10:51:29 +00:00
Code Issues Projects Releases Wiki Activity

Add CVE-2021-25749 to CHANGELOG-1.23.md

Browse Source 
Signed-off-by: Marko Mudrinić <mudrinic.mare@gmail.com>
This commit is contained in:
Marko Mudrinić 2022-11-10 19:43:53 +01:00
parent d34373cdbe
commit ecfc7f189d
No known key found for this signature in database
GPG Key ID: F15730C52ACE0E9D
1 changed files with 49 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
CHANGELOG/CHANGELOG-1.23.md
View File

@ -56,6 +56,7 @@
- [Changelog since v1.23.10](#changelog-since-v12310)
- [Important Security Information](#important-security-information-1)
- [CVE-2022-3172: Aggregated API server can cause clients to be redirected (SSRF)](#cve-2022-3172-aggregated-api-server-can-cause-clients-to-be-redirected-ssrf)
- [CVE-2021-25749: `runAsNonRoot` logic bypass for Windows containers](#cve-2021-25749-runasnonroot-logic-bypass-for-windows-containers)
- [Changes by Kind](#changes-by-kind-3)
- [Bug or Regression](#bug-or-regression-3)
- [Dependencies](#dependencies-3)
@ -803,6 +804,54 @@ This vulnerability was reported by Nicolas Joly & Weinong Wang from Microsoft
**CVSS Rating:** Medium (5.1) [CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L](https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L)
### CVE-2021-25749: `runAsNonRoot` logic bypass for Windows containers
A security issue was discovered in Kubernetes that could allow Windows workloads to run as `ContainerAdministrator` even when those workloads set the `runAsNonRoot` option to `true `.
This issue has been rated low and assigned CVE-2021-25749
**Am I vulnerable?**
All Kubernetes clusters with following versions, running Windows workloads with `runAsNonRoot` are impacted
**Affected Versions**:
- kubelet v1.20 - v1.21
- kubelet v1.22.0 - v1.22.13
- kubelet v1.23.0 - v1.23.10
- kubelet v1.24.0 - v1.24.4
**How do I mitigate this vulnerability?**
There are no known mitigations to this vulnerability.
**Fixed Versions**:
- kubelet v1.22.14
- kubelet v1.23.11
- kubelet v1.24.5
- kubelet v1.25.0
To upgrade, refer to this documentation _For core Kubernetes:_ https://kubernetes.io/docs/tasks/administer-cluster/cluster-management/#upgrading-a-cluster
**Detection**:
Kubernetes Audit logs may indicate if the user name was misspelled to bypass the restriction placed on which user is a pod allowed to run as.
If you find evidence that this vulnerability has been exploited, please contact security@kubernetes.io
**Additional Details**:
See the GitHub issue for more details: https://github.com/kubernetes/kubernetes/issues/112192
**Acknowledgements**:
This vulnerability was reported and fixed by Mark Rosetti (@marosset)
**CVSS Rating:** Low (3.4) [CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C](https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C)
## Changes by Kind
### Bug or Regression