Bypass of seccomp profile enforcement
CVE-2023-2431

3.4LOW

Key Information:

Vendor: Kubernetes
Status: Kubernetes
Vendor: CVE Published:; 16 June 2023

What is CVE-2023-2431?

A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined (seccomp disabled) mode. This bug affects Kubelet.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Kubernetes 0

Kubernetes v1.25.0

Kubernetes v1.26.0

References

https://groups.google.com/g/kubernetes-security-announce/...

https://github.com/kubernetes/kubernetes/issues/118690

https://lists.fedoraproject.org/archives/list/package-ann...

CVSS V3.1

Score:

3.4

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 16, 2023
Vulnerability Reserved
Apr 30, 2023

Credit

Tim Allclair

Craig Ingram

JSON

Kubernetes