What Red Hat OpenShift Online and OpenShift Dedicated customers should know about Fallout and RIDL/ZombieLoad/MDS

Earlier this week, details were made public about four CVEs related to microprocessor flaws that impact systems hosting Red Hat OpenShift Online (Starter and Pro) and Red Hat OpenShift Dedicated. Some organizations are referring to these as “Fallout”, “ZombieLoad”, “RIDL”, or collectively as MDS (Microarchitectural Data Sampling). Read additional technical details at these links (CVE-2018-12127, […]

Read More...

About the February 2019 Cri-O / RunC / Docker vulnerability

What OpenShift Online and OpenShift Dedicated customers should know about the recently announced vulnerability of runc/docker/CRI-O On February 11th, 2019, details of a vulnerability that researchers have confirmed is present on certain versions of runc (impacting docker and CRI-O) was published.  These tools are deployed as part of the OpenShift product and impact the Red […]

Read More...

[Podcast] PodCTL – Kube Security, Kube 1.13 and KubeCon

[Podcast] PodCTL  - Kube Security, Kube 1.13 and KubeCon

Heading into the week of KubeCon, we wanted to make sure that listeners had some basics to prepare them for a week of learning and announcements. We discussed the severe Kubernetes bug (Kubernetes Privilege Escalation Flaw) and available patches, all of the new features in Kubernetes 1.13, as some previews of things to expect from […]

Read More...