Bug 1214793 (CVE-2023-32187) - CVE-2023-32187: k3s: Unauthenticated denial of service attack in RKE2 in the dynamiclistener
Summary: CVE-2023-32187: k3s: Unauthenticated denial of service attack in RKE2 in the ...
Status: NEW
Alias: CVE-2023-32187
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P5 - None : Critical
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://github.com/rancherlabs/ranche...
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-08-30 15:03 UTC by Guilherme Macedo
Modified: 2023-09-11 06:07 UTC (History)
1 user (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Marcus Meissner 2023-08-31 07:29:27 UTC 
use CVE-2023-32187 for this issue.
Comment 2 Guilherme Macedo 2023-09-09 17:55:24 UTC 
The advisory is now public in https://github.com/k3s-io/k3s/security/advisories/GHSA-m4hf-6vgr-75r2 .
Comment 3 Johannes Segitz 2023-09-11 06:07:35 UTC 
public