Advisories for Golang/Github.com/Rancher/Rke2 package

A vulnerability has been identified whereby RKE2 deployments in Windows nodes have weak Access Control Lists (ACL), allowing BUILTIN\Users or NT AUTHORITY\Authenticated Users to view or edit sensitive files which could lead to privilege escalation. This vulnerability is exclusive to RKE2 in Windows environments. Linux environments are not affected by it. Please consult the associated MITRE ATT&CK - Technique - Exploitation for Privilege Escalation for further information about this category …

Impact An issue was found in RKE2 where an attacker with network access to RKE2 servers' supervisor port (TCP 9345) can force the TLS server to add entries to the certificate's Subject Alternative Name (SAN) list, through a stuffing attack, until the certificate grows so large that it exceeds the maximum size allowed by TLS client implementations. OpenSSL for example will raise an excessive message size error when this occurs. …