CVE-2018-10843

Impact:
Important
Public Date:
2018-05-24
CWE:
CWE-20
Bugzilla:
1579096: CVE-2018-10843 source-to-image: Builder images with assembler-user LABEL set to root allows attackers to execute arbitrary code
A privilege escalation flaw was found in the source-to-image component of Openshift Container Platform which allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network connections, and possibly other actions, on the host which are normally only available to a root user.

Find out more about CVE-2018-10843 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v3 metrics

CVSS3 Base Score 8.5
CVSS3 Base Metrics CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Attack Vector Network
Attack Complexity High
Privileges Required Low
User Interaction None
Scope Changed
Confidentiality High
Integrity Impact High
Availability Impact High

Red Hat Security Errata

Platform Errata Release Date
Red Hat OpenShift Container Platform 3.9 (atomic-openshift) RHSA-2018:2013 2018-06-27

Affected Packages State

Platform Package State
Red Hat Software Collections for Red Hat Enterprise Linux source-to-image Under investigation

Acknowledgements

This issue was discovered by Jeremy Choi (Red Hat).

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact Red Hat Product Security.

Last Modified
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.