vulnerability

Oracle Linux: CVE-2020-16845: ELSA-2020-5825: kubernetes kubeadm-ha-setup kubernetes-cni kubernetes-cni-plugins security update (IMPORTANT) (Multiple Advisories)

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Aug 6, 2020
Added
Aug 25, 2020
Modified
Jan 8, 2025

Description

Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.

Solution(s)

oracle-linux-upgrade-conmonoracle-linux-upgrade-corednsoracle-linux-upgrade-cri-ooracle-linux-upgrade-cri-toolsoracle-linux-upgrade-delveoracle-linux-upgrade-docker-clioracle-linux-upgrade-docker-engineoracle-linux-upgrade-etcdoracle-linux-upgrade-flanneloracle-linux-upgrade-golangoracle-linux-upgrade-golang-binoracle-linux-upgrade-golang-docsoracle-linux-upgrade-golang-miscoracle-linux-upgrade-golang-raceoracle-linux-upgrade-golang-srcoracle-linux-upgrade-golang-testsoracle-linux-upgrade-go-toolsetoracle-linux-upgrade-grafanaoracle-linux-upgrade-helmoracle-linux-upgrade-istiooracle-linux-upgrade-istio-citadeloracle-linux-upgrade-istio-galleyoracle-linux-upgrade-istio-istioctloracle-linux-upgrade-istio-mixcoracle-linux-upgrade-istio-mixsoracle-linux-upgrade-istio-node-agentoracle-linux-upgrade-istio-pilot-agentoracle-linux-upgrade-istio-pilot-discoveryoracle-linux-upgrade-istio-proxy-initoracle-linux-upgrade-istio-sidecar-injectororacle-linux-upgrade-kataoracle-linux-upgrade-kata-agentoracle-linux-upgrade-kata-imageoracle-linux-upgrade-kata-ksm-throttleroracle-linux-upgrade-kata-proxyoracle-linux-upgrade-kata-runtimeoracle-linux-upgrade-kata-shimoracle-linux-upgrade-kubeadmoracle-linux-upgrade-kubeadm-ha-setuporacle-linux-upgrade-kubectloracle-linux-upgrade-kubeletoracle-linux-upgrade-kubernetes-cnioracle-linux-upgrade-kubernetes-cni-pluginsoracle-linux-upgrade-kubernetes-dashboardoracle-linux-upgrade-olcne-agentoracle-linux-upgrade-olcne-api-serveroracle-linux-upgrade-olcnectloracle-linux-upgrade-olcne-istio-chartoracle-linux-upgrade-olcne-nginxoracle-linux-upgrade-olcne-prometheus-chartoracle-linux-upgrade-olcne-utilsoracle-linux-upgrade-prometheusoracle-linux-upgrade-yq
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.