Описание
source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vulnerable to a privilege escalation which allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network connections, and possibly other actions, on the host which are normally only available to a root user.
A privilege escalation flaw was found in the source-to-image component of Openshift Container Platform which allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network connections, and possibly other actions, on the host which are normally only available to a root user.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Software Collections | source-to-image | Not affected | ||
| Red Hat OpenShift Container Platform 3.9 | atomic-openshift | Fixed | RHSA-2018:2013 | 27.06.2018 |
| Red Hat OpenShift Container Platform 3.9 | atomic-openshift-descheduler | Fixed | RHSA-2018:2013 | 27.06.2018 |
| Red Hat OpenShift Container Platform 3.9 | atomic-openshift-dockerregistry | Fixed | RHSA-2018:2013 | 27.06.2018 |
| Red Hat OpenShift Container Platform 3.9 | atomic-openshift-node-problem-detector | Fixed | RHSA-2018:2013 | 27.06.2018 |
| Red Hat OpenShift Container Platform 3.9 | atomic-openshift-web-console | Fixed | RHSA-2018:2013 | 27.06.2018 |
| Red Hat OpenShift Container Platform 3.9 | golang-github-prometheus-node_exporter | Fixed | RHSA-2018:2013 | 27.06.2018 |
| Red Hat OpenShift Container Platform 3.9 | mysql-apb-role | Fixed | RHSA-2018:2013 | 27.06.2018 |
| Red Hat OpenShift Container Platform 3.9 | openshift-ansible | Fixed | RHSA-2018:2013 | 27.06.2018 |
Показывать по
Дополнительная информация
Статус:
8.5 High
CVSS3
Связанные уязвимости
source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vulnerable to a privilege escalation which allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network connections, and possibly other actions, on the host which are normally only available to a root user.
source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vulnerable to a privilege escalation which allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network connections, and possibly other actions, on the host which are normally only available to a root user.
8.5 High
CVSS3