vulnerability
Oracle Linux: CVE-2020-16845: ELSA-2020-5825: kubernetes kubeadm-ha-setup kubernetes-cni kubernetes-cni-plugins security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | 2020-08-06 | 2020-08-25 | 2025-01-08 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
2020-08-06
Added
2020-08-25
Modified
2025-01-08
Description
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.
Solution(s)
oracle-linux-upgrade-conmonoracle-linux-upgrade-corednsoracle-linux-upgrade-cri-ooracle-linux-upgrade-cri-toolsoracle-linux-upgrade-delveoracle-linux-upgrade-docker-clioracle-linux-upgrade-docker-engineoracle-linux-upgrade-etcdoracle-linux-upgrade-flanneloracle-linux-upgrade-golangoracle-linux-upgrade-golang-binoracle-linux-upgrade-golang-docsoracle-linux-upgrade-golang-miscoracle-linux-upgrade-golang-raceoracle-linux-upgrade-golang-srcoracle-linux-upgrade-golang-testsoracle-linux-upgrade-go-toolsetoracle-linux-upgrade-grafanaoracle-linux-upgrade-helmoracle-linux-upgrade-istiooracle-linux-upgrade-istio-citadeloracle-linux-upgrade-istio-galleyoracle-linux-upgrade-istio-istioctloracle-linux-upgrade-istio-mixcoracle-linux-upgrade-istio-mixsoracle-linux-upgrade-istio-node-agentoracle-linux-upgrade-istio-pilot-agentoracle-linux-upgrade-istio-pilot-discoveryoracle-linux-upgrade-istio-proxy-initoracle-linux-upgrade-istio-sidecar-injectororacle-linux-upgrade-kataoracle-linux-upgrade-kata-agentoracle-linux-upgrade-kata-imageoracle-linux-upgrade-kata-ksm-throttleroracle-linux-upgrade-kata-proxyoracle-linux-upgrade-kata-runtimeoracle-linux-upgrade-kata-shimoracle-linux-upgrade-kubeadmoracle-linux-upgrade-kubeadm-ha-setuporacle-linux-upgrade-kubectloracle-linux-upgrade-kubeletoracle-linux-upgrade-kubernetes-cnioracle-linux-upgrade-kubernetes-cni-pluginsoracle-linux-upgrade-kubernetes-dashboardoracle-linux-upgrade-olcne-agentoracle-linux-upgrade-olcne-api-serveroracle-linux-upgrade-olcnectloracle-linux-upgrade-olcne-istio-chartoracle-linux-upgrade-olcne-nginxoracle-linux-upgrade-olcne-prometheus-chartoracle-linux-upgrade-olcne-utilsoracle-linux-upgrade-prometheusoracle-linux-upgrade-yq
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.