RedHat Multicluster Engine 2.1.7 Critical: Update for Kubernetes Security

red hat

May 25, 2023

Multicluster Engine for Kubernetes 2.1.7 General Availability release images, which address security issues and update container images

Solution

For multicluster engine for Kubernetes, see the following documentation for details on how to install the images:

Summary

Multicluster Engine for Kubernetes 2.1.7 images
Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds.
You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.
Security fix(es): * CVE-2023-32314 vm2: Sandbox Escape * CVE-2023-32313 vm2: Inspect Manipulation

Topics Covered

security advisory critical redhat container security maintenance update multicluster engine

References

https://access.redhat.com/security/cve/CVE-2022-2795 https://access.redhat.com/security/cve/CVE-2022-2928 https://access.redhat.com/security/cve/CVE-2022-2929 https://access.redhat.com/security/cve/CVE-2022-36227 https://access.redhat.com/security/cve/CVE-2022-41973 https://access.redhat.com/security/cve/CVE-2023-0361 https://access.redhat.com/security/cve/CVE-2023-27535 https://access.redhat.com/security/cve/CVE-2023-32313 https://access.redhat.com/security/cve/CVE-2023-32314 https://access.redhat.com/security/updates/classification#critical

Package List

Severity

critical

Lowest

Low

Medium

High

Critical

Advisory ID: RHSA-2023:3325-01

Product: multicluster engine for Kubernetes

Advisory URL: https://access.redhat.com/errata/RHSA-2023:3325

Issue date: 2023-05-25

Topic

Multicluster Engine for Kubernetes 2.1.7 General Availability releaseimages, which address security issues and update container images.Red Hat Product Security has rated this update as having a security impactof Critical. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE links in the References section.

Topics Covered

security advisory critical redhat container security maintenance update multicluster engine

Relevant Releases Architectures

Bugs Fixed

2208376 - CVE-2023-32314 vm2: Sandbox Escape

2208377 - CVE-2023-32313 vm2: Inspect Manipulation

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

RedHat Multicluster Engine 2.1.7 Critical: Update for Kubernetes Security

Solution

Summary

Topics Covered

References

Package List

Topic

Topics Covered

Relevant Releases Architectures

Bugs Fixed

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

RedHat Multicluster Engine 2.1.7 Critical: Update for Kubernetes Security

Solution

Summary

Topics Covered

References

Package List

Topic

Topics Covered

Relevant Releases Architectures

Bugs Fixed

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!