Anthos GKE - June 20th, 2023 [Security]

## Security **Security bulletin** A new vulnerability, CVE-2023-0468, has been discovered in the Linux kernel that could allow an unprivileged user to escalate privileges to root when io\_poll\_get\_ownership will keep increasing req->poll\_refs on every io\_poll\_wake then overflow to 0 which will fput req->file twice and cause a struct file refcount issue. GKE clusters, including Autopilot clusters, with Container-Optimized OS using Linux Kernel version 5.15 are affected. GKE clusters using Ubuntu images or using GKE Sandbox are unaffected. For more information, see the[GCP-2023-015 security bulletin](https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2023-015).