vulnerability
Oracle Linux: CVE-2020-16845: ELSA-2020-5825: kubernetes kubeadm-ha-setup kubernetes-cni kubernetes-cni-plugins security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Aug 6, 2020 | Aug 25, 2020 | Jan 8, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Aug 6, 2020
Added
Aug 25, 2020
Modified
Jan 8, 2025
Description
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.
Solution(s)
oracle-linux-upgrade-conmonoracle-linux-upgrade-corednsoracle-linux-upgrade-cri-ooracle-linux-upgrade-cri-toolsoracle-linux-upgrade-delveoracle-linux-upgrade-docker-clioracle-linux-upgrade-docker-engineoracle-linux-upgrade-etcdoracle-linux-upgrade-flanneloracle-linux-upgrade-golangoracle-linux-upgrade-golang-binoracle-linux-upgrade-golang-docsoracle-linux-upgrade-golang-miscoracle-linux-upgrade-golang-raceoracle-linux-upgrade-golang-srcoracle-linux-upgrade-golang-testsoracle-linux-upgrade-go-toolsetoracle-linux-upgrade-grafanaoracle-linux-upgrade-helmoracle-linux-upgrade-istiooracle-linux-upgrade-istio-citadeloracle-linux-upgrade-istio-galleyoracle-linux-upgrade-istio-istioctloracle-linux-upgrade-istio-mixcoracle-linux-upgrade-istio-mixsoracle-linux-upgrade-istio-node-agentoracle-linux-upgrade-istio-pilot-agentoracle-linux-upgrade-istio-pilot-discoveryoracle-linux-upgrade-istio-proxy-initoracle-linux-upgrade-istio-sidecar-injectororacle-linux-upgrade-kataoracle-linux-upgrade-kata-agentoracle-linux-upgrade-kata-imageoracle-linux-upgrade-kata-ksm-throttleroracle-linux-upgrade-kata-proxyoracle-linux-upgrade-kata-runtimeoracle-linux-upgrade-kata-shimoracle-linux-upgrade-kubeadmoracle-linux-upgrade-kubeadm-ha-setuporacle-linux-upgrade-kubectloracle-linux-upgrade-kubeletoracle-linux-upgrade-kubernetes-cnioracle-linux-upgrade-kubernetes-cni-pluginsoracle-linux-upgrade-kubernetes-dashboardoracle-linux-upgrade-olcne-agentoracle-linux-upgrade-olcne-api-serveroracle-linux-upgrade-olcnectloracle-linux-upgrade-olcne-istio-chartoracle-linux-upgrade-olcne-nginxoracle-linux-upgrade-olcne-prometheus-chartoracle-linux-upgrade-olcne-utilsoracle-linux-upgrade-prometheusoracle-linux-upgrade-yq
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.