A flaw was found in machine-config-operator that causes an OpenShift node to become unresponsive when a container consumes a large amount of memory. An attacker can use this flaw to deny access to schedule new pods in the OpenShift cluster. Upstream commit: https://github.com/openshift/machine-config-operator/pull/1450
Acknowledgments: Name: Cheryl A Fillekes (IBM)
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.4 Via RHSA-2020:1939 https://access.redhat.com/errata/RHSA-2020:1939
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-1750
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.3 Via RHSA-2020:2439 https://access.redhat.com/errata/RHSA-2020:2439
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.2 Via RHSA-2020:2595 https://access.redhat.com/errata/RHSA-2020:2595