Security update for kubernetes1.24 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2024:3458-1 Final 1 1 2024-10-04T13:30:11Z current 2024-10-04T13:30:11Z 2024-10-04T13:30:11Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for kubernetes1.24 This update of kubernetes1.24 fixes the following issues: - rebuild the package with the current go 1.23 security release (bsc#1229122). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2024-3458,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3458,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3458,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3458,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3458 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2024/suse-su-20243458-1/ Link for SUSE-SU-2024:3458-1 https://lists.suse.com/pipermail/sle-security-updates/2024-September/019524.html E-Mail link for SUSE-SU-2024:3458-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1229122 SUSE Bug 1229122 https://bugzilla.suse.com/1230252 SUSE Bug 1230252 https://bugzilla.suse.com/1230253 SUSE Bug 1230253 https://bugzilla.suse.com/1230254 SUSE Bug 1230254 https://www.suse.com/security/cve/CVE-2024-34155/ SUSE CVE CVE-2024-34155 page https://www.suse.com/security/cve/CVE-2024-34156/ SUSE CVE CVE-2024-34156 page https://www.suse.com/security/cve/CVE-2024-34158/ SUSE CVE CVE-2024-34158 page SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS SUSE Linux Enterprise Server 15 SP4-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP4 kubernetes1.24-apiserver-1.24.17-150400.9.18.1 kubernetes1.24-client-1.24.17-150400.9.18.1 kubernetes1.24-client-bash-completion-1.24.17-150400.9.18.1 kubernetes1.24-client-common-1.24.17-150400.9.18.1 kubernetes1.24-client-fish-completion-1.24.17-150400.9.18.1 kubernetes1.24-controller-manager-1.24.17-150400.9.18.1 kubernetes1.24-kubeadm-1.24.17-150400.9.18.1 kubernetes1.24-kubelet-1.24.17-150400.9.18.1 kubernetes1.24-kubelet-common-1.24.17-150400.9.18.1 kubernetes1.24-proxy-1.24.17-150400.9.18.1 kubernetes1.24-scheduler-1.24.17-150400.9.18.1 kubernetes1.24-client-1.24.17-150400.9.18.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS kubernetes1.24-client-common-1.24.17-150400.9.18.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS kubernetes1.24-client-1.24.17-150400.9.18.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS kubernetes1.24-client-common-1.24.17-150400.9.18.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS kubernetes1.24-client-1.24.17-150400.9.18.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS kubernetes1.24-client-common-1.24.17-150400.9.18.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS kubernetes1.24-client-1.24.17-150400.9.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 kubernetes1.24-client-common-1.24.17-150400.9.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion. CVE-2024-34155 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-1.24.17-150400.9.18.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-common-1.24.17-150400.9.18.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.18.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.18.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.18.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.18.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-1.24.17-150400.9.18.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-common-1.24.17-150400.9.18.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243458-1/ https://www.suse.com/security/cve/CVE-2024-34155.html CVE-2024-34155 https://bugzilla.suse.com/1230252 SUSE Bug 1230252 Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. CVE-2024-34156 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-1.24.17-150400.9.18.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-common-1.24.17-150400.9.18.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.18.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.18.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.18.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.18.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-1.24.17-150400.9.18.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-common-1.24.17-150400.9.18.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243458-1/ https://www.suse.com/security/cve/CVE-2024-34156.html CVE-2024-34156 https://bugzilla.suse.com/1230253 SUSE Bug 1230253 Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion. CVE-2024-34158 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-1.24.17-150400.9.18.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-common-1.24.17-150400.9.18.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.18.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.18.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.18.1 SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.18.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-1.24.17-150400.9.18.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-common-1.24.17-150400.9.18.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243458-1/ https://www.suse.com/security/cve/CVE-2024-34158.html CVE-2024-34158 https://bugzilla.suse.com/1230254 SUSE Bug 1230254