A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| unaffected |
|
||||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | unaffected | — | ||||||
| Red Hat | Red Hat OpenShift Container Platform 4.12 | affected |
|
||||||
| Red Hat | Red Hat OpenShift Container Platform 4 | affected | — |
No data.
| Package | CPE | Advisory | Released Date |
|---|---|---|---|
| Red Hat OpenShift Container Platform 4.12 | |||
| openshift-0:4.12.0-202403042037.p0.g9946c63.assembly.stream.el9 | cpe:/a:redhat:openshift:4.12::el8 | RHSA-2024:1267 | 2024-03-20T00:00:00Z |
| Red Hat OpenShift Container Platform 4.13 | |||
| openshift4/ose-cluster-kube-controller-manager-operator:v4.13.0-202402011837.p0.gdac7113.assembly.stream | cpe:/a:redhat:openshift:4.13::el8 | RHSA-2024:0741 | 2024-02-14T00:00:00Z |
No data.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2024-3260 | A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn. |
 Github GHSA |
GHSA-h7wq-jj8r-qm7p | Kubernetes Nil pointer dereference in KCM after v1 HPA patch request |
Fixes
Solution
No solution given by the vendor.
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
References
History
Sun, 17 Nov 2024 17:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Sun, 17 Nov 2024 11:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | kube-controller-manager: malformed HPA v1 manifest causes crash | Kube-controller-manager: malformed hpa v1 manifest causes crash |
| CPEs | cpe:/a:redhat:openshift:4 cpe:/a:redhat:openshift:4.12::el9 cpe:/a:redhat:openshift:4.13::el9 |
|
| References |
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-11-17T16:16:49.847Z
Reserved: 2024-01-22T21:32:10.068Z
Link: CVE-2024-0793
Vulnrichment
Updated: 2024-11-17T16:16:46.979Z
NVD
Status : Awaiting Analysis
Published: 2024-11-17T11:15:06.340
Modified: 2024-11-18T17:11:17.393
Link: CVE-2024-0793
Redhat
OpenCVE Enrichment
No data.
Weaknesses