SUSE SLES15 Security Update : kubernetes1.23 (SUSE-SU-2023:2292-1)

high Nessus Plugin ID 176412

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2292-1 advisory.

- Windows workloads can run as ContainerAdministrator even when those workloads set the runAsNonRoot option to true. (CVE-2021-25749)

- Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group. (CVE-2022-3162)

- Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing this validation could allow authenticated requests destined for Nodes to to the API server's private network.
(CVE-2022-3294)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kubernetes1.23-client and / or kubernetes1.23-client-common packages.

See Also

https://lists.suse.com/pipermail/sle-updates/2023-May/029534.html

https://www.suse.com/security/cve/CVE-2021-25749

https://www.suse.com/security/cve/CVE-2022-3162

https://www.suse.com/security/cve/CVE-2022-3294

Plugin Details

Severity: High

ID: 176412

File Name: suse_SU-2023-2292-1.nasl

Version: 1.2

Type: local

Agent: unix

Published: 5/26/2023

Updated: 7/14/2023

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 6.7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2022-3294

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kubernetes1.23-client, p-cpe:/a:novell:suse_linux:kubernetes1.23-client-common, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 5/25/2023

Vulnerability Publication Date: 11/18/2022

Reference Information

CVE: CVE-2021-25749, CVE-2022-3162, CVE-2022-3294

SuSE: SUSE-SU-2023:2292-1