如何在 OpenShift 4 中缓解 "Dirty Frag" CVE-2026-43284、CVE-2026-43500 和 "Fragnesia" CVE-2026-46300
Issue
- 已确认 OpenShift Container Platform 4 产品会受本地权限升级 "Dirty Frag" CVE-2026-43284 和 "Fragnesia"CVE-2026-46300 的影响(RHSB-2026-003 中提及)。
- 在实施正式修复前,如何在 OpenShift 中缓解此漏洞的影响?
- "Copy Fail 2" 是否和 "Dirty Frag" 相同?
Environment
- Red Hat OpenShift Container Platform (RHOCP)
- 4
- Red Hat OpenShift Kubernetes Engine (OKE)
- 4
- Red Hat OpenShift Service on AWS with Hosted Control Plane (ROSA HCP)
- 4
- Red Hat OpenShift Service on AWS (ROSA Classic)
- 4
- Red Hat OpenShift Dedicated (OSD)
- 4
- Azure Red Hat OpenShift (ARO)
- 4
- Red Hat OpenShift Service on IBM Cloud (RHOIC)
- 4
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.