Maintained with ☕️ by
IcePanel logo
StackFeed logo
Google Cloud Platform logo
Original post

A vulnerability (CVE-2022-23222) was discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS nodes

Share

Services

## Security A vulnerability (CVE-2022-23222) was discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS nodes: For more information, see the [GCP-2024-033 security bulletin](https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2024-033). ## Security A vulnerability (CVE-2024-26584) was discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes: For more information, see the [GCP-2024-035 security bulletin](https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2024-035). ## Announcement Google Distributed Cloud on VMware 1.28.600-gke.154 is now available for[download](https://cloud.google.com/anthos/clusters/docs/on-prem/latest/downloads). To upgrade, see[Upgrade a cluster or a node pool](https://cloud.google.com/anthos/clusters/docs/on-prem/latest/how-to/upgrading). Google Distributed Cloud 1.28.600-gke.154 runs on Kubernetes v1.28.9-gke.1800. If you are using a third-party storage vendor, check the[GDCV Ready storage partners](https://cloud.google.com/anthos/docs/resources/partner-storage)document to make sure the storage vendor has already passed the qualification for this release. ## Fix The following issues are fixed in 1.28.600-gke.154: * Fixed the[known issue](https://cloud.google.com/anthos/clusters/docs/on-prem/latest/troubleshooting/known-issues#admin-cluster-upgrade-fails-for-clusters-created-on-versions-1.10-or-earlier)that caused admin cluster upgrades to fail for clusters created on versions 1.10 or earlier. * Fixed the[known issue](https://cloud.google.com/anthos/clusters/docs/on-prem/latest/troubleshooting/known-issues#docker-bridge-ip-uses-172.17.0.116-for-cos-cluster-control-plane-nodes)where the Docker bridge IP uses 172.17.0.1/16 for COS cluster control plane nodes. The following vulnerabilities are fixed in 1.28.600-gke.154: * Container-optimized OS vulnerabilities: * [CVE-2024-24557](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24557) * [CVE-2022-24765](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765) * [CVE-2022-43995](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43995) * [CVE-2024-26907](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26907) * [CVE-2024-26882](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26882) * [CVE-2024-26885](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26885) * [CVE-2023-25652](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25652) * [CVE-2022-4904](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4904) * [CVE-2023-32067](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32067) * [CVE-2023-52425](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52425) * Ubuntu vulnerabilities: * [CVE-2023-52435](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52435) * [CVE-2023-52486](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52486) * [CVE-2023-52489](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52489) * [CVE-2023-52491](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52491) * [CVE-2023-52492](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52492) * [CVE-2023-52493](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52493) * [CVE-2023-52494](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52494) * [CVE-2023-52498](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52498) * [CVE-2023-52583](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52583) * [CVE-2023-52587](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52587) * [CVE-2023-52588](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52588) * [CVE-2023-52594](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52594) * [CVE-2023-52595](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52595) * [CVE-2023-52597](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52597) * [CVE-2023-52598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52598) * [CVE-2023-52599](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52599) * [CVE-2023-52601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52601) * [CVE-2023-52602](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52602) * [CVE-2023-52604](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52604) * [CVE-2023-52606](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52606) * [CVE-2023-52607](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52607) * [CVE-2023-52608](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52608) * [CVE-2023-52614](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52614) * [CVE-2023-52615](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52615) * [CVE-2023-52616](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52616) * [CVE-2023-52617](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52617) * [CVE-2023-52618](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52618) * [CVE-2023-52619](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52619) * [CVE-2023-52622](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52622) * [CVE-2023-52623](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52623) * [CVE-2023-52627](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52627) * [CVE-2023-52631](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52631) * [CVE-2023-52633](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52633) * [CVE-2023-52635](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52635) * [CVE-2023-52637](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52637) * [CVE-2023-52638](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52638) * [CVE-2023-52642](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52642) * [CVE-2023-52643](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52643) * [CVE-2024-1151](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1151) * [CVE-2024-2201](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2201) * [CVE-2024-23849](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23849) * [CVE-2024-26592](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26592) * [CVE-2024-26593](https://cve.mitre.org/cgi-bin/cvename.cgi?name=%20CVE-2024-26593) * [CVE-2024-26594](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26594) * [CVE-2024-26600](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26600) * [CVE-2024-26602](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26602) * [CVE-2024-26606](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26606) * [CVE-2024-26608](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26608) * [CVE-2024-26610](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26610) * [CVE-2024-26614](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26614) * [CVE-2024-26615](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26615) * [CVE-2024-26625](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26625) * [CVE-2024-26627](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26627) * [CVE-2024-26635](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26635) * [CVE-2024-26636](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26636) * [CVE-2024-26640](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26640) * [CVE-2024-26641](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26641) * [CVE-2024-26644](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26644) * [CVE-2024-26645](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26645) * [CVE-2024-26660](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26660) * [CVE-2024-26663](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26663) * [CVE-2024-26664](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26664) * [CVE-2024-26665](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26665) * [CVE-2024-26668](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26668) * [CVE-2024-26671](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26671) * [CVE-2024-26673](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26673) * [CVE-2024-26675](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26675) * [CVE-2024-26676](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26676) * [CVE-2024-26679](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26679) * [CVE-2024-26684](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26684) * [CVE-2024-26685](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26685) * [CVE-2024-26689](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26689) * [CVE-2024-26695](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26695) * [CVE-2024-26696](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26696) * [CVE-2024-26697](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26697) * [CVE-2024-26698](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26698) * [CVE-2024-26702](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26702) * [CVE-2024-26704](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26704) * [CVE-2024-26707](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26707) * [CVE-2024-26712](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26712) * [CVE-2024-26715](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26715) * [CVE-2024-26717](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26717) * [CVE-2024-26720](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26720) * [CVE-2024-26722](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26722) * [CVE-2024-26808](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26808) * [CVE-2024-26825](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26825) * [CVE-2024-26826](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26826) * [CVE-2024-26829](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26829) * [CVE-2024-26910](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26910) * [CVE-2024-26916](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26916) * [CVE-2024-26920](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26920) * [CVE-2023-24023](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24023) * [CVE-2023-52600](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52600) * [CVE-2023-52603](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52603) * [CVE-2024-26581](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26581)

What else is happening at Google Cloud Platform?

Google Cloud Platform logo

Added missing release notes for stretched private cloud availability using ve2 node types in Sydney, Australia, APAC (australia-southeast1-b)

6 days ago

Share
Google Cloud Platform logo

End of life: SLES 12 SP5 and SLES 12 SP5 for SAP are reaching end of life and the images will be deprecated on Google Cloud

6 days ago

Share
Google Cloud Platform logo

Toxic combination findings are generally available. This includes the following updates

7 days ago

Share
Google Cloud Platform logo

In GKE version 1.31.1-gke.1621000 and later, the kube_pod_resource_request metric and the kube_pod_resource_limit metric are exported as part of the the scheduler metrics package

7 days ago

Share
Google Cloud Platform logo

You can now automatically retry failed rollouts, and automatically roll back to the most recent successful rollout, in preview

7 days ago

Share
Google Cloud Platform logo

Cloud SQL for MySQL now supports minor version 8.0.39. To upgrade your existing MySQL 8.0 instance to the new version, see Upgrade the database minor version

7 days ago

Share