Oracle Linux 7 : kubeadm-ha-setup (ELSA-2019-4717)

medium Nessus Plugin ID 180646

Synopsis

The remote Oracle Linux host is missing a security update.

Description

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2019-4717 advisory.

[0.0.2-1.0.52]
- [OLCNE-678] Restore fails when trying to restore after a failed update

[0.0.2-1.0.51]
- [OLCNE-667] Minor version update doesn't update kubeadm on all master nodes

[0.0.2-1.0.50]
- Make k8s 1.14 specific changes

[0.0.2-1.0.49]
- [OLCNE-668] Remove 1.10 and 1.11 version since they are incompatible

[0.0.2-1.0.48]
- [OLCNE-549] Support deploying 5 master nodes

[0.0.2-1.0.47]
- Only update/upgrade the controlplane images if they changed in the Release object

[0.0.2-1.0.46]
- [OLCNE-571] Fix version comparison function during upgrade

[0.0.2-1.0.45]
- Fix rpm version compare
- [OLCNE-550] Allow kubernetes updates for patch version

[0.0.2-1.0.44]
- [OLCNE-528] Allow assume yes to deploy a single master without the prompt

[0.0.2-1.0.43]
- [OLCNE-524] Post cluster creation should check only for master nodes

[0.0.2-1.0.42]
- [OLCNE-335] Update keepalived check api server to ensure we are grepping the correct IP

[0.0.2-1.0.41]
- [OLCNE-470] Make ha.yaml an optional argument in the cli for single master cluster

[0.0.2-1.0.40]
- [OLCNE-486] Add pod cidr default and refactor ha.yaml example

[0.0.2-1.0.39]
- [OLCNE-313] Remove features: feature1_13=true from config

[0.0.2-1.0.38]
- Default kubernetes version to latest production version

[0.0.2-1.0.37]
- [OLCNE-411] Fix keepalived issue when firewalld is disabled

[0.0.2-1.0.36]
- Default kubernetes version to latest production version

[0.0.2-1.0.35]
- Add addons template and config files

[0.0.2-1.0.34]
- Enhance tests

[0.0.2-1.0.33]
- fix regression of previous firewall fix

[0.0.2-1.0.32]
- Fix firewall issues during restore [ OLCNE 343 ]

[0.0.2-1.0.31]
- Fix firewall issues [ OLCNE 249, 262 ]

[0.0.2-1.0.30]
- Enhance output while validating the system

[0.0.2-1.0.29]
- [OLCNE-85] Fix DR in 1.13

[0.0.2-1.0.28]
- Fix apiserver_cert_extra_sans for 1.13 clusters

[0.0.2-1.0.27]
- Fix update/upgrade output message

[0.0.2-1.0.26]
- Fix major upgrade

[0.0.2-1.0.25]
- Add registry migration

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected kubeadm-ha-setup package.

See Also

https://linux.oracle.com/errata/ELSA-2019-4717.html

Plugin Details

Severity: Medium

ID: 180646

File Name: oraclelinux_ELSA-2019-4717.nasl

Version: 1.1

Type: local

Agent: unix

Published: 9/7/2023

Updated: 10/22/2024

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Low

Base Score: 1.9

Temporal Score: 1.4

Vector: CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2019-11244

CVSS v3

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.4

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:kubeadm-ha-setup, cpe:/o:oracle:linux:7

Required KB Items: Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list, Host/local_checks_enabled

Exploit Ease: No known exploits are available

Patch Publication Date: 7/29/2019

Vulnerability Publication Date: 4/22/2019

Reference Information

CVE: CVE-2019-11244