containernetworking-plugins-0.8.3-3.el7
エラータID: AXSA:2020-186:02
The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted.
Security Fix(es):
* containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters (CVE-2020-10749)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2020-10749
A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.
Update packages.
A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.
N/A
SRPMS
- containernetworking-plugins-0.8.3-3.el7.src.rpm
MD5: f434f62ae27d34c46efeb71525c10834
SHA-256: c847c08692fdae2200ec904c3ce89713f4a7f78d33050af5f702393422426758
Size: 1.85 MB
Asianux Server 7 for x86_64
- containernetworking-plugins-0.8.3-3.el7.x86_64.rpm
MD5: 2597049a7f2d396ffbc770fc11f1b615
SHA-256: 7112d139c817dbcbbcb985b360b942c82322545140c9579eae349de725dca815
Size: 19.70 MB
日本語