A out of bound write can occur when patching a Openshift object using the 'oc patch' functionality in OpenShift Container Platform 3.6 and earlier. An attacker can use this flaw to cause a denial of service attack on the Openshift master api service which provides cluster management.
.
Upstream commit which fixes this issue in json-patch: https://github.com/evanphx/json-patch/commit/4c9aadca8f89e349c999f04e28199e96e81aba03#diff-65c563bba473be9d94ce4d033f74810e
Upstream commit which fixes this issue in json-patch, which is used by OpenShift Container Platform. https://github.com/evanphx/json-patch/commit/4c9aadca8f89e349c999f04e28199e96e81aba03#diff-65c563bba473be9d94ce4d033f74810e
Acknowledgments: Name: Lars Haugan
Statement: A multi-master Openshift Container Platform cluster is more resilient, however a sustained attack would still have an important impact.
(In reply to Jason Shepherd from comment #1) > This issue is fixed in OpenShift Container Platform 3.7 and later. Judging by later comments and the fact that the referenced commit is tagged only for 4.0.0, I don't think the above statement is true. RH Security page for this CVE lists all 3.x versions as Affected.
Jason?
Hi Dominik, I've removed comment #1 now. You are correct that the issue is not fixed in OCP 3.7 and later. At the time when I wrote that it was believed that it was true, however a subsequent issue was discovered that had the same impact on all released OCP versions. Regards, Jason
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 3.6 Via RHSA-2018:2654 https://access.redhat.com/errata/RHSA-2018:2654
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 3.10 Via RHSA-2018:2709 https://access.redhat.com/errata/RHSA-2018:2709
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 3.9 Via RHSA-2018:2908 https://access.redhat.com/errata/RHSA-2018:2908
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 3.7 Via RHSA-2018:2906 https://access.redhat.com/errata/RHSA-2018:2906
Is this fixed in 3.11? https://access.redhat.com/security/cve/cve-2018-14632 is still listing 3.11 as affected with no fix available.
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 3.11 Via RHBA-2018:2652 https://access.redhat.com/errata/RHBA-2018:2652