PT-2021-10088 · Openshift+1 · Openshift+1
Published
2021-06-07
·
Updated
2021-06-22
·
CVE-2020-1750
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
machine-config-operator versions prior to 4.2.36
machine-config-operator versions prior to 4.3.25
machine-config-operator versions prior to 4.4.3
Description:
A flaw was found in the machine-config-operator that causes an OpenShift node to become unresponsive when a container consumes a large amount of memory. An attacker could use this flaw to deny access to schedule new pods in the OpenShift cluster.
Recommendations:
For versions prior to 4.2.36, update to version 4.2.36 or later.
For versions prior to 4.3.25, update to version 4.3.25 or later.
For versions prior to 4.4.3, update to version 4.4.3 or later.
Fix
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Openshift
Machine-Config-Operator