In line with the end of life (EOL) of MKE 3.7.x, maintenance of this documentation set was discontinued as of 2025-AUG-29. Click here for the latest MKE 3.x version documentation.

Security information

The MKE 3.7.18 patch release focuses exclusively on CVE mitigation. To this end, the following middleware component versions have been upgraded to resolve vulnerabilities in MKE:

  • [MKE-12092] cri-dockerd 0.3.16, which contains a Golang bump to 1.23.3.

The following table details the specific CVE addressed, CVE-2024-24790.

| CVE | Status | Image mitigated | Problem details from upstream |
|---|---|---|---|
| CVE-2024-24790 | Resolved | ucp-hyperkube | The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms. |
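
The upstream issue concerns Go's net/netip package. The following added example (not code from MKE, cri-dockerd or the Go project) shows a defensive address check that calls Unmap before the Is methods, so an IPv4-mapped IPv6 address is classified like its IPv4 form on any toolchain version. The function name checkAddr and the sample addresses are constructed for illustration.

```go
package main

import (
	"fmt"
	"net/netip"
)

// checkAddr (hypothetical helper) classifies a textual IP address.
// internal: the address is loopback, private, link-local, multicast or
//           unspecified and should not be treated as an external destination.
// mapped:   the input used the IPv4-mapped IPv6 form (::ffff:a.b.c.d), which
//           is worth logging because it is the form the upstream bug
//           misclassified.
// Unparseable input fails closed (internal=true).
func checkAddr(s string) (internal, mapped bool) {
	addr, err := netip.ParseAddr(s)
	if err != nil {
		return true, false
	}
	mapped = addr.Is4In6()
	// Normalize first: ::ffff:127.0.0.1 becomes 127.0.0.1, everything else is
	// returned unchanged. The checks below then do not depend on whether the
	// toolchain's Is methods handle mapped addresses themselves.
	addr = addr.Unmap()
	internal = addr.IsLoopback() ||
		addr.IsPrivate() ||
		addr.IsLinkLocalUnicast() ||
		addr.IsMulticast() ||
		addr.IsUnspecified()
	return internal, mapped
}

func main() {
	// Constructed sample inputs.
	samples := []string{
		"127.0.0.1",
		"::ffff:127.0.0.1",
		"::ffff:10.1.2.3",
		"::ffff:169.254.169.254",
		"::ffff:8.8.8.8",
		"2001:4860:4860::8888",
		"not-an-ip",
	}
	for _, s := range samples {
		internal, mapped := checkAddr(s)
		fmt.Printf("%-24s internal=%-5v mapped=%v\n", s, internal, mapped)
	}
}
```
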