Bug 2112758

Summary: CVE-2022-3248 openshift-clients: kubernetes: OpenShift API admission checks does not enforce "custom-host" permissions [openshift-4]
Product: OpenShift Container Platform
Reporter: Avinash Hanwate <ahanwate>
Component: oc
Assignee: Nobody <nobody>
oc sub component: oc
QA Contact: zhou ying <yinzhou>
Status: CLOSED WONTFIX
Docs Contact:
Severity: low
Priority: low
CC: bmontgom, eparis, jburrell, mfojtik, nstielau, rdey, security-response-team, sponnaga, vlaad
Version: 4.12
Keywords: Security, SecurityTracking
Target Milestone: ---
Target Release: 4.12.z
Hardware: Unspecified
OS: Unspecified
Whiteboard: component:openshift-clients
Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2024-04-30 18:04:53 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Target Upstream Version:
Embargoed:
Bug Depends On:
Bug Blocks: 2072188
Deadline: 2022-09-19

Description Avinash Hanwate 2022-08-01 05:16:53 UTC
openshift-4 tracking bug for openshift-clients: see the bugs linked in the "Blocks" field of this bug for full details of the security issue(s).

This bug is never intended to be made public, please put any public notes in the blocked bugs.

Impact: Low
Reported Date: 23-Mar-2022
PM Fix/Wontfix Decision By: 31-Aug-2022
Resolve Bug By: 23-Mar-2023

In case the dates above are already past, please evaluate this bug in your next prioritization review and make a decision then. Remember to explicitly set CLOSED:WONTFIX if you decide not to fix this bug.

Please see the Security Errata Policy for further details: https://docs.engineering.redhat.com/x/9RBqB

NOTE THIS ISSUE IS CURRENTLY EMBARGOED, DO NOT MAKE PUBLIC COMMITS OR COMMENTS ABOUT THIS ISSUE.

WARNING: NOTICE THAT REMOVING THE "SECURITY" GROUP FROM THIS TRACKER MAY BREAK THE EMBARGO.

Comment 11 Rory Thrasher 2024-04-30 18:04:53 UTC
OCP is no longer using Bugzilla and this bug appears to have been left in an orphaned state. If the bug is still relevant, please open a new issue in the OCPBUGS Jira project: https://issues.redhat.com/projects/OCPBUGS/summary