Out Of Bounds Write Vulnerability in OpenShift Container Platform
CVE-2018-14632

7.7HIGH

Key Information:

Vendor: Red Hat
Status: Atomic-openshift
Vendor: CVE Published:; 6 September 2018

What is CVE-2018-14632?

An out of bounds write vulnerability exists in the OpenShift Container Platform, specifically when utilizing the 'oc patch' functionality. This flaw can lead to a denial of service condition affecting the OpenShift master API service, which is essential for cluster management. An attacker could exploit this weakness to disrupt the normal operations of the service, highlighting the importance of timely updates and system patch management.

Affected Version(s)

atomic-openshift atomic-openshift-3.7

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14632

x_refsource_CONFIRM

https://github.com/evanphx/json-patch/commit/4c9aadca8f89...

x_refsource_CONFIRM

https://access.redhat.com/errata/RHBA-2018:2652

vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 6, 2018
Vulnerability Reserved
Jul 27, 2018

Red Hat

What is CVE-2018-14632?

Affected Version(s)

References

CVSS V3.1

Timeline