(RHSA-2019:0408) Important: OpenShift Container Platform 3.4, 3.5, 3.6, and 3.7 security update

2019-02-26T14:31:21
ID RHSA-2019:0408
Type redhat
Reporter RedHat
Modified 2019-02-26T14:32:43

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

Security Fix(es):

  • A flaw was found in the way runc handled system file descriptors when running containers. A malicious container could use this flaw to overwrite contents of the runc binary and consequently run arbitrary commands on the container host system. (CVE-2019-5736)

All OpenShift Container Platform 3 users are advised to upgrade to these updated packages.

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.