Red Hat has disclosed a flaw in that was reported by the Kubernetes’ community that if left unpatched could give an unauthorized party the ability to escalate their privileges on Kubernetes installations, including Red Hat OpenShift.
The flaw, CVE-2018-1002105, is in Kubernetes 1.10 and higher and is rated as critical due to its ease of exploitation. It affects Red Hat OpenShift Container Platform 3.x, Red Hat OpenShift Online and Red Hat OpenShift Dedicated.
The vulnerability allows non-privileged users to access Kubernetes clusters and associated data. There are two potential ways of exploitation.
“The first involves abusing pod exec privileges granted to a normal user, and the second involves attacking the API extensions feature which provides the service catalog and access to additional features in Kubernetes 1.6 and later,” Red Hat said in a release.
Kubernetes is recommending all users apply the appropriate updates.
“We were surprised by its scope and the fact this wasn’t discovered earlier. This vulnerability has existed in every version of Kubernetes since v1.0. But Kubernetes is complex software with a large codebase, which can lead, to some extent, to various security issues. That the fix is so simple – just 37 lines of code – speaks to the maturity and high quality of the Kubernetes codebase,” said Wei Lien Dang, VP of products at StackRox.