CVE-2020-8552: apiserver DoS (oom) #89378
CVSS Rating: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L (Medium)
The Kubernetes API server has been found to be vulnerable to a denial of service attack via authorized API requests.
Am I vulnerable?
If an attacker can make an authorized resource request to an unpatched API server (see below), then you are vulnerable to this. Prior to v1.14, this was possible via unauthenticated requests by default.
How do I mitigate this vulnerability?
Prior to upgrading, this vulnerability can be mitigated by:
To upgrade, refer to the documentation: https://kubernetes.io/docs/tasks/administer-cluster/cluster-management/#upgrading-a-cluster
This vulnerability was reported by: Gus Lees (Amazon)