medium

GKE Sandbox side channel attack

Published Tue, Mar 22nd, 2022

Platforms

Summary

There was a misconfiguration with Simultaneous Multi-Threading (SMT), also known as Hyper-threading, in GKE Sandbox images, causing nodes to be potentially exposed to side channel attacks such as Microarchitectural Data Sampling (MDS).

Affected Services

GKE Sandbox

Remediation

Upgrade nodes to versions 1.22.6-gke.1500 and later or 1.23.3-gke.1100 and later.

Tracked CVEs

No tracked CVEs

References

https://cloud.google.com/support/bulletins https://cloud.google.com/anthos/clusters/docs/security-bulletins

Contributed by https://github.com/ramimac

Entry Status

Finalized

Disclosure Date

Exploitability Period

Known ITW Exploitation

Detection Methods

None

Piercing Index Rating

Discovered by

More vulnerabilities...

low

AWS RDS does not enforce SSL/TLS encryption

The AWS RDS service does not enable secure transport layer security by default, allowing clients to connect insecurely. Additionally, for the more commonly used MySQL and MariaDB RDS engine types, ...

Riyaz Walikar, KloudleMar 10, 2022

medium

Logic Apps privilege escalation to root

Azure Logic Apps use API Connections to authenticate actions to services. Having Contributor access to an Azure Resource Manager (ARM) API Connection would allow someone to create arbitrary role as...

Josh Magri, NetSPIMar 9, 2022

medium

Autopilot node compromise via allowlisted workload masquerade

Unit 42 researchers disclosed several vulnerabilities and attack techniques in GKE Autopilot to Google, the root cause being insufficient verification of allowlisted workload image names. An attac...

Yuval Avrahami, Palo AltoMar 8, 2022

View all