PT-2023-3615 · Kubelet+2

Craig Ingram +1 · Published 2023-06-15 · Updated 2026-02-07 · CVE-2023-2431

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions

Kubelet (affected versions not specified)

Description

A security issue was discovered in Kubelet that allows pods to bypass seccomp profile enforcement. Pods that use the localhost type for the seccomp profile but specify an empty profile field are affected by this issue, which allows the pod to run in unconfined (seccomp disabled) mode. The issue is related to insufficient input validation, which can be exploited to configure certain modules to work in an unconfined mode.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
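
The following check is an added example, not part of the original advisory or of the Kubernetes project's code. It audits pod specs for the condition described above: a seccomp profile of type `Localhost` whose `localhostProfile` field is missing or blank, at pod or container level. It assumes input shaped like `kubectl get pods -A -o json` output; the sample data and function names are constructed for illustration.

```python
import json

# Constructed sample in the shape of `kubectl get pods -A -o json` output.
SAMPLE = json.loads("""
{"items": [
  {"metadata": {"namespace": "dev", "name": "web"},
   "spec": {"securityContext": {"seccompProfile": {"type": "Localhost", "localhostProfile": ""}},
            "containers": [{"name": "app"}]}},
  {"metadata": {"namespace": "dev", "name": "job"},
   "spec": {"containers": [
      {"name": "ok", "securityContext": {"seccompProfile":
          {"type": "Localhost", "localhostProfile": "profiles/audit.json"}}},
      {"name": "bad", "securityContext": {"seccompProfile": {"type": "Localhost"}}}]}},
  {"metadata": {"namespace": "prod", "name": "api"},
   "spec": {"securityContext": {"seccompProfile": {"type": "RuntimeDefault"}},
            "containers": [{"name": "api"}]}}
]}
""")


def has_empty_localhost_profile(security_context):
    """True when seccompProfile.type is Localhost but localhostProfile is missing or blank."""
    profile = (security_context or {}).get("seccompProfile") or {}
    if profile.get("type") != "Localhost":
        return False
    return not (profile.get("localhostProfile") or "").strip()


def find_affected(pod_list):
    """Return (namespace/name, scope) for every pod- or container-level match."""
    findings = []
    for pod in pod_list.get("items", []):
        meta, spec = pod.get("metadata", {}), pod.get("spec", {})
        ident = f"{meta.get('namespace', 'default')}/{meta.get('name', '?')}"
        # The pod-level context applies to all containers unless a container overrides it.
        scopes = [("pod", spec.get("securityContext"))]
        for kind in ("initContainers", "containers", "ephemeralContainers"):
            for c in spec.get(kind) or []:
                scopes.append((f"{kind}/{c.get('name')}", c.get("securityContext")))
        findings += [(ident, scope) for scope, sc in scopes if has_empty_localhost_profile(sc)]
    return findings


if __name__ == "__main__":
    for ident, scope in find_affected(SAMPLE):
        print(f"{ident}: {scope} uses Localhost seccomp with an empty profile")
```
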

Exploit


Weakness Enumeration

Related Identifiers

ALT-PU-2023-4364
ALT-PU-2023-4397
ALT-PU-2023-4458
BDU:2023-03899
CVE-2023-2431
GHSA-XC8M-28VV-4PJC
GO-2023-1864
OESA-2023-1413
OESA-2023-1414
OESA-2023-1415
OESA-2023-1416
OPENSUSE-SU-2024:13013-1
OPENSUSE-SU-2025:15424-1
ROSA-SA-2024-2405
SUSE-SU-2023:2691-1
SUSE-SU-2023_2691-1
SUSE-SU-2025:02423-1
SUSE-SU-2025:02423-2
SUSE-SU-2025_02423-2

Affected Products

Alt Linux
Kubelet
Suse