GCP-2023-040

Google Cloud Platform Security Advisory

Published: 2023-11-06
Reference: CVE-2023-4921

GKE

Description | Severity

The following vulnerability was discovered in the Linux kernel and can lead to privilege escalation on Container-Optimized OS and Ubuntu nodes.

  • CVE-2023-4921

Autopilot clusters are impacted.

Clusters using GKE Sandbox are not impacted.

What should I do?

Upgrade your Container-Optimized OS node pools to one of the following versions or later:

  • 1.24.14-gke.1027001
  • 1.25.14-gke.1351000
  • 1.26.9-gke.1345000
  • 1.27.6-gke.1389000

Upgrade your Ubuntu node pools to one of the following versions or later:

  • 1.24.17-gke.2186000
  • 1.25.15-gke.1016000
  • 1.26.9-gke.1548000
  • 1.27.6-gke.1551000
  • 1.28.2-gke.1256000

Severity: High
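
An added example, not part of Google's advisory: a Python check that compares node pool versions against the fixed versions listed above for each node OS. The image type names, the sample inventory and the reading of "or later" as numeric ordering within the same minor release are assumptions.

```python
import re

# Minimum fixed GKE node versions from this advisory, keyed by node OS and minor release.
# Assumption: "or later" means ordering by (major, minor, patch, gke build) within one minor.
FIXED = {
    "cos": {"1.24": "1.24.14-gke.1027001", "1.25": "1.25.14-gke.1351000",
            "1.26": "1.26.9-gke.1345000", "1.27": "1.27.6-gke.1389000"},
    "ubuntu": {"1.24": "1.24.17-gke.2186000", "1.25": "1.25.15-gke.1016000",
               "1.26": "1.26.9-gke.1548000", "1.27": "1.27.6-gke.1551000",
               "1.28": "1.28.2-gke.1256000"},
}
_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)-gke\.(\d+)$")

def parse(version):
    """Turn '1.27.6-gke.1389000' into a comparable tuple (1, 27, 6, 1389000)."""
    m = _VERSION.match(version.strip())
    if not m:
        raise ValueError(f"not a GKE version string: {version!r}")
    return tuple(int(g) for g in m.groups())

def os_family(image_type):
    """Map a node image type such as COS_CONTAINERD to the advisory's OS lists."""
    t = image_type.lower()
    if t.startswith("cos"):
        return "cos"
    if t.startswith("ubuntu"):
        return "ubuntu"
    return None

def status(image_type, version):
    """Return 'patched', 'upgrade to <version>', or 'not listed' for one node pool."""
    family = os_family(image_type)
    major, minor, *_ = parse(version)
    fixed = FIXED.get(family, {}).get(f"{major}.{minor}")
    if fixed is None:
        return "not listed"   # the advisory gives no fixed version for this OS/minor
    return "patched" if parse(version) >= parse(fixed) else f"upgrade to {fixed}"

# Constructed sample inventory: (pool name, image type, node version).
SAMPLE_POOLS = [
    ("default-pool", "COS_CONTAINERD", "1.27.6-gke.1389000"),
    ("batch", "UBUNTU_CONTAINERD", "1.26.9-gke.1345000"),
    ("legacy", "COS_CONTAINERD", "1.25.10-gke.2700"),
    ("new", "COS_CONTAINERD", "1.28.2-gke.1157000"),
]

if __name__ == "__main__":
    for name, image, version in SAMPLE_POOLS:
        print(f"{name:14} {image:18} {version:22} {status(image, version)}")
```

The same version can be patched on one node OS and not on the other: 1.26.9-gke.1345000 meets the Container-Optimized OS threshold but is below the Ubuntu one, so the check has to take the node image into account.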

Anthos clusters on VMware

Description | Severity

The following vulnerability was discovered in the Linux kernel and can lead to privilege escalation on Container-Optimized OS and Ubuntu nodes.

  • CVE-2023-4921

What should I do?

Pending

Anthos clusters on AWS

Description | Severity

The following vulnerability was discovered in the Linux kernel and can lead to privilege escalation on Container-Optimized OS and Ubuntu nodes.

  • CVE-2023-4921

What should I do?

Pending

Anthos on Azure

Description | Severity

The following vulnerability was discovered in the Linux kernel and can lead to privilege escalation on Container-Optimized OS and Ubuntu nodes.

  • CVE-2023-4921

What should I do?

Pending

Anthos clusters on bare metal

Description | Severity

The following vulnerability was discovered in the Linux kernel and can lead to privilege escalation on Container-Optimized OS and Ubuntu nodes.

  • CVE-2023-4921

What should I do?

There is no action required. Anthos clusters on bare metal is not affected, as it does not bundle an operating system in its distribution.

Severity: None
