CVE-2019-14891
published 2019-11-25CVE-2019-14891: A flaw was found in cri-o, as a result of all pod-related processes being placed in the same memory cgroup. This can result in container management (conmon)…
medium5CVSS 3.1
AVNACHPRLUINSUCLILAL
A flaw was found in cri-o, as a result of all pod-related processes being placed in the same memory cgroup. This can result in container management (conmon) processes being killed if a workload process triggers an out-of-memory (OOM) condition for the cgroup. An attacker could abuse this flaw to get host network access on an cri-o host.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| kubernetes | cri-o | < 1.16.1 | 1.16.1 |
| kubernetes | cri-o | — | — |
| redhat | openshift_container_platform | — | — |
| redhat | openshift_container_platform | — | — |
| redhat | openshift_container_platform | — | — |