Bug 1551818 (CVE-2017-1002102)
Summary: | CVE-2017-1002102 kubernetes: Malicious containers can delete any file from the node | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Jason Shepherd <jshepherd> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | admiller, bleanhar, ccoleman, dedgar, dmcphers, eparis, hchiramm, ichavero, jbrooks, jcajka, jchaloup, jgoulding, jkeck, madam, nhorman, rhs-bugs, security-response-team, sisharma, ssaha, storage-qa-internal, tdawson, tstclair, vbatts, vbellur |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
This vulnerability allows containers using a secret, configMap, projected, or downwardAPI volume to trigger deletion of arbitrary files and directories on the nodes where they are running. An attacker could use this flaw to delete arbitrary file or directories on node host.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2019-07-12 13:05:07 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1536576, 1553541, 1554168, 1554169, 1554170, 1554171, 1554539, 1554573 | ||
Bug Blocks: | 1536902 |
Description
Jason Shepherd
2018-03-06 00:29:27 UTC
Acknowledgments: Name: Joel Smith (Red Hat) This issue has been addressed in the following products: Red Hat OpenShift Container Platform 3.3 Red Hat OpenShift Container Platform 3.4 Red Hat OpenShift Container Platform 3.5 Red Hat OpenShift Container Platform 3.6 Red Hat OpenShift Container Platform 3.7 Via RHSA-2018:0475 https://access.redhat.com/errata/RHSA-2018:0475 Created kubernetes tracking bugs for this issue: Affects: fedora-all [bug 1554539] Created origin tracking bugs for this issue: Affects: fedora-all [bug 1554573] This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2017-1002102 |