AWS-2023-008

Scope: AWS Content Type: Informational Publication Date: 2023/08/23 10:00 AM PDT AWS is aware of three security issues (CVE-2023-3676, CVE-2023-3893, CVE-2023-3955) in Kubernetes that affect Amazon EKS customers with Windows EC2 nodes in their clusters. These issues do not affect any Kubernetes control plane or the service itself, nor do these issues permit cross-customer impact. Updated Amazon EKS Windows AMIs are now available for Kubernetes versions 1.23 through 1.27 that include patched builds of kubelet and csi-proxy. We recommend that EKS customers update their configurations to launch new worker nodes from the latest AMI version. Customers using Managed node groups can refer to the EKS Documentation for instructions on upgrading their node groups. Customers self-managing worker nodes should replace existing instances with the new AMI version by referring to the EKS documentation . Kubernetes Minor Version AMI Release Version Kubelet Version v1.23 1.23-2023.08.17 v1.23.17-eks-8ccc7ba v1.24 1.24-2023.08.17 v1.24.16-eks-8ccc7ba v1.25 1.25-2023.08.17 v1.25.12-eks-8ccc7ba v1.26 1.26-2023.08.17 v1.26.7-eks-8ccc7ba v1.27 1.27-2023.08.17 v1.27.4-eks-8ccc7ba If you have questions or …