Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Openshift-dedicated: hive: hibernation controller denial of service
Vulnerability Description
A flaw was found in the Hive hibernation controller component of OpenShift Dedicated. The ClusterDeployment.hive.openshift.io/v1 resource can be created with the spec.installed field set to true, regardless of the installation status, and a positive timespan for the spec.hibernateAfter value. If a ClusterSync.hiveinternal.openshift.io/v1alpha1 resource is also created, the hive hibernation controller will enter the reconciliation loop leading to a panic when accessing a non-existing field in the ClusterDeployment’s status section, resulting in a denial of service.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
Red Hat OpenShift Dedicated 资源管理错误漏洞
Vulnerability Description
Red Hat OpenShift Dedicated是美国红帽(Red Hat)公司的一款为企业用户提供的容器平台管理服务。用于构建、发布和管理应用,支持跨云迁移工作负载。 Red Hat OpenShift Dedicated存在资源管理错误漏洞,该漏洞源于Hive休眠控制器组件在处理ClusterDeployment.hive.openshift.io/v1资源时存在缺陷,可能导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A