A vulnerability has been discovered in `kubectl cp` that allows a combination of two symlinks to copy a file outside of its destination directory. This could be used to allow an attacker to place a nefarious file, using a symlink, outside of the destination tree. Reference: https://github.com/kubernetes/kubernetes/pull/82143 https://github.com/kubernetes/kubernetes/pull/82384 https://github.com/kubernetes/kubernetes/pull/82502 https://github.com/kubernetes/kubernetes/pull/82503
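The per-entry path check a defender would want an archive extractor such as `kubectl cp` to apply, as an added example (not the Kubernetes code or its fix; the function and names are my own): before anything is written, the entry's parent directory is resolved on disk, so symlinks accepted from earlier entries cannot combine to redirect a later write outside the destination tree.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// ErrEscape is returned for any entry that would land outside the destination.
var ErrEscape = errors.New("tar entry would escape the destination directory")

// inside reports whether p (absolute, cleaned) is dst itself or lies below it.
func inside(dst, p string) bool {
	return p == dst || strings.HasPrefix(p, dst+string(os.PathSeparator))
}

// SafePath maps a tar entry name to the real path an extractor may write to, or
// returns ErrEscape. The lexical path must stay under dst; then the entry's parent
// directory is resolved on disk with EvalSymlinks, so symlinks created by earlier
// entries cannot redirect the write even when they only escape in combination.
// Directory entries are expected before their contents, as tar(1) emits them.
func SafePath(dst, name string) (string, error) {
	dst, err := filepath.EvalSymlinks(dst) // dst must be absolute; this strips symlinks from the base
	if err != nil {
		return "", err
	}
	target := filepath.Join(dst, name) // Join also cleans ".." components
	if !inside(dst, target) {
		return "", ErrEscape
	}
	parent, err := filepath.EvalSymlinks(filepath.Dir(target))
	if err != nil {
		return "", err
	}
	if !inside(dst, parent) {
		return "", ErrEscape
	}
	real := filepath.Join(parent, filepath.Base(target))
	if fi, err := os.Lstat(real); err == nil && fi.Mode()&os.ModeSymlink != 0 {
		return "", ErrEscape // never write through a symlink left by an earlier entry
	}
	return real, nil
}

func main() {
	// Constructed sample: a top-level entry below the system temp directory.
	fmt.Println(SafePath(os.TempDir(), "file.txt"))
}
```

A lexical check on each symlink entry alone is not enough: the resolution step is what rejects entries placed under a chain of links that individually look harmless.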
Created kubernetes tracking bugs for this issue: Affects: fedora-all [bug 1753496] Created kubernetes:1.10/kubernetes tracking bugs for this issue: Affects: fedora-all [bug 1753497]
External References: https://groups.google.com/forum/#!msg/kubernetes-announce/YYtEFdFimZ4/nZnOezZuBgAJ
heketi shipped with Gluster uses a very old Kubernetes version which does not provide symlink support in 'kubectl cp'.
Statement: This issue did not affect the version of Kubernetes (embedded in heketi) shipped with Red Hat Gluster Storage 3, as it does not include the symlink support for kubectl cp.
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.1 Via RHSA-2019:3266 https://access.redhat.com/errata/RHSA-2019:3266
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.1 Via RHSA-2019:3267 https://access.redhat.com/errata/RHSA-2019:3267
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-11251
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 3.9 Via RHSA-2019:3811 https://access.redhat.com/errata/RHSA-2019:3811
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 3.11 Via RHSA-2019:3905 https://access.redhat.com/errata/RHSA-2019:3905