In Kubernetes v1.8.x-v1.14.x, schema info is cached by kubectl in the location specified by --cache-dir (defaulting to $HOME/.kube/http-cache), written with world-writeable permissions (rw-rw-rw-). If --cache-dir is specified and pointed at a different location accessible to other users/groups, the written files may be modified by other users/groups and disrupt the kubectl invocation. Upstream issue: https://github.com/kubernetes/kubernetes/issues/76676
Created containernetworking-cni tracking bugs for this issue: Affects: epel-7 [bug 1703214] Created kubernetes tracking bugs for this issue: Affects: fedora-all [bug 1703211] Created kubernetes:1.1/kubernetes tracking bugs for this issue: Affects: fedora-29 [bug 1703210] Created kubernetes:openshift-3.10/origin tracking bugs for this issue: Affects: fedora-29 [bug 1703212] Created origin tracking bugs for this issue: Affects: fedora-all [bug 1703213]
Upstream Commit: https://github.com/kubernetes/kubernetes/pull/77874/commits/f228ae3364729caed59087e23c42868454bc3ff4
Gluster ships very old kubernetes version v1.5.5 which is not affected by this vulnerability.
Statement: OpenShift Container Platform includes kubectl. OCP 3.9 and later include this same flaw. This issue does not affect the version of Kubernetes (embedded in heketi) shipped with Red Hat Gluster Storage 3 as it does not contain the vulnerable functionality.
Mitigation: Do not use --cache-dir, or ensure that --cache-dir is not set to a location that other users have access to.
External References: https://github.com/kubernetes/kubernetes/issues/76676
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.1 Via RHSA-2019:3942 https://access.redhat.com/errata/RHSA-2019:3942
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-11244
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 3.11 Via RHSA-2020:0020 https://access.redhat.com/errata/RHSA-2020:0020
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.1 Via RHSA-2020:0074 https://access.redhat.com/errata/RHSA-2020:0074