918089 – (CVE-2023-3676, CVE-2023-3955) <sys-cluster/kubelet-{1.24.17,1.25.13,1.26.8,1.27.5,1.28.1}: multiple vulnerabilities

Bug 918089 (CVE-2023-3676, CVE-2023-3955) - <sys-cluster/kubelet-{1.24.17,1.25.13,1.26.8,1.27.5,1.28.1}: multiple vulnerabilities

Summary: <sys-cluster/kubelet-{1.24.17,1.25.13,1.26.8,1.27.5,1.28.1}: multiple vulnera...

Status:	RESOLVED FIXED

Alias:	CVE-2023-3676, CVE-2023-3955

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal minor (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:	B4 [noglsa]
Keywords:

Depends on:
Blocks:

Reported:	2023-11-23 17:50 UTC by John Helmert III
Modified:	2023-11-23 17:51 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description John Helmert III archtester

2023-11-23 17:50:41 UTC

CVE-2023-3676 (https://groups.google.com/g/kubernetes-security-announce/c/d_fvHZ9a5zc):

A security issue was discovered in Kubernetes where a user
 that can create pods on Windows nodes may be able to escalate to admin 
privileges on those nodes. Kubernetes clusters are only affected if they
 include Windows nodes.

Issue: https://github.com/kubernetes/kubernetes/issues/119339

CVE-2023-3955 (https://groups.google.com/g/kubernetes-security-announce/c/JrX4bb7d83E):

A security issue was discovered in Kubernetes where a user
 that can create pods on Windows nodes may be able to escalate to admin 
privileges on those nodes. Kubernetes clusters are only affected if they
 include Windows nodes.

Issue: https://github.com/kubernetes/kubernetes/issues/119595