v1.15.12-lts.1
1 minute read
This is the first fixed release by KLTS for v1.15.12.
Patches
- CVE-2020-8558
The
kube-proxycomponent was found to set the kernel parameternet.ipv4.conf.all.route_localnet=1in bothiptablesandipvsmodes to allow local loopback access. An attacker may use the container sharing the host network, or bind and listen to the TCP/UDP service of the local127.0.0.1on the cluster node to access the same LAN or adjacent node under the second layer network to obtain interface information. If your service does not set the necessary security certification, it may cause the risk of information leakage. - CVE-2021-3121
A program with this vulnerability may crash because of processing some messages that contain malicious
Protobuf. If the version ofGogo Protobufyou are using is too low, this vulnerability may exist. - nokmem
The node has sufficient disks, but it keeps reporting that the disk is insufficient to create a Pod.
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.