A security issue was discovered in Kubernetes that could allow Windows workloads to run as ContainerAdministrator even when those workloads set the runAsNonRoot option to true. ref: https://github.com/rancher/rancher/issues/38949
Created golang-k8s-kubernetes tracking bugs for this issue: Affects: fedora-all [bug 2127809] Created origin tracking bugs for this issue: Affects: fedora-all [bug 2127810]
Affects only Windows machines.
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2022:9096 https://access.redhat.com/errata/RHSA-2022:9096
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-25749