Ref: https://www.openwall.com/lists/oss-security/2020/09/03/3
影響範圍:
這個漏洞會允許 docker 環境直接拿到 host node 環境的 root 權限,GKE 環境直接被影響了。
看 Google 官方建議修復:
To fix this vulnerability, upgrade your control plane, and then your nodes to one of the patched versions listed below:
- 1.14.10-gke.50
- 1.15.12-gke.20
- 1.16.13-gke.401
- 1.17.9-gke.1504
- 1.18.6-gke.3504