公告ID: KYLIN-2019-3874
安全等级: 中等
产品: Kylin V3
发布日期: 2019年3月19日
CVE: CVE-2019-3874
CVSS3评分: 5.3
概述:
While this issue affects the Linux Kernel in Kylin Enterprise Linux, and not OpenShift Container Platform (OCP) 3 code directly. OCP 3 makes use of CGroups in the Kernel to measure and report on the amount of system resources used by an end user application. The default Security Context Constraints (SCC) in OpenShift Container Platform 3.x disallow an end user from running a container as root. Also a check is performed by the OCP 3 Installer to ensure SELinux is enabled, [1]. [1] https://github.com/openshift/openshift-ansible/blob/006fb14e9a28df9bd1a58ac376bbdf3eba50fa51/roles/openshift_node/tasks/main.yml#L3 描述:
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. 系统版本:
KYLIN 3.3.x
KYLIN 3.3.x
KYLIN 3.3.x
受影响包列表:
kernel-alt
kernel-rt
kernel