Update and rename gcp-gke-hyperthreading.yaml to gcp-2022-011.yaml

wiz-sec · Nov 2, 2023 · 0161c16 · 0161c16
1 parent 704c430
commit 0161c16
Showing 1 changed file with 10 additions and 11 deletions.
diff --git a/vulnerabilities/gcp-gke-hyperthreading.yaml → vulnerabilities/gcp-2022-011.yaml b/vulnerabilities/gcp-gke-hyperthreading.yaml → vulnerabilities/gcp-2022-011.yaml
@@ -1,10 +1,10 @@
-title: Side channel attack against Simultaneous Multi-Threading
-slug: gke-hyperthreading
+title: GKE Sandbox side channel attack
+slug: gcp-2022-011
 cves: null
 affectedPlatforms:
 - GCP
 affectedServices:
-- Kubernetes Image
+- GKE Sandbox
 image: https://images.pexels.com/photos/5371573/pexels-photo-5371573.jpeg?auto=compress&cs=tinysrgb&w=1260&h=750&dpr=2
 severity: Medium
 discoveredBy:
@@ -13,19 +13,18 @@ discoveredBy:
   domain: null
   twitter: null
 disclosedAt: null
-publishedAt: 2023/06/02
+publishedAt: 2022/03/22
 exploitabilityPeriod: null
 knownITWExploitation: null
 summary: |
-  There is a misconfiguration with Simultaneous Multi-Threading (SMT),
-  also known as Hyper-threading, on GKE Sandbox images. The 
-  misconfiguration leaves nodes potentially exposed to side channel 
-  attacks such as Microarchitectural Data Sampling (MDS)
-  (for more context, see GKE Sandbox documentation).
+  There was a misconfiguration with Simultaneous Multi-Threading (SMT),
+  also known as Hyper-threading, in GKE Sandbox images, causing nodes
+  to be potentially exposed to side channel attacks such as
+  Microarchitectural Data Sampling (MDS).
 manualRemediation: |
-  None required
+  Upgrade nodes to versions 1.22.6-gke.1500 and later or 1.23.3-gke.1100 and later.
 detectionMethods: null
 contributor: https://github.com/ramimac
 references:
 - https://cloud.google.com/support/bulletins#gcp-2022-011
-- https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-011
+- https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-011