Google Kubernetes Engine (GKE) - June 21st, 2023 [Feature, Security]
Share
Services
## Security
A new vulnerability, CVE-2023-0468, has been discovered in the Linux kernel that could allow an unprivileged user to escalate privileges to root when io\_poll\_get\_ownership will keep increasing req->poll\_refs on every io\_poll\_wake then overflow to 0 which will fput req->file twice and cause a struct file refcount issue. GKE clusters, including Autopilot clusters, with Container-Optimized OS using Linux Kernel version 5.15 are affected. GKE clusters using Ubuntu images or using GKE Sandbox are unaffected.
For instructions and more details, see the [GKE security bulletin](https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2023-015-gke).
## Feature
GKE support for [Hyperdisk Throughput and Hyperdisk Extreme](https://cloud.google.com/kubernetes-engine/docs/concepts/hyperdisk) as an attached persistent disk option is now generally available. Support is available for both Autopilot and Standard clusters running GKE versions 1.26 and later.
What else is happening at Google Cloud Platform?
Private Service Connect supports IPv6 in Preview for the following supported configurations
about 18 hours ago
Services
Share