{
  "threat_severity" : "Important",
  "public_date" : "2021-09-15T16:00:00Z",
  "bugzilla" : {
    "description" : "kubernetes: Symlink exchange can allow host filesystem access",
    "id" : "1993749",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1993749"
  },
  "cvss3" : {
    "cvss3_base_score" : "8.8",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-59",
  "details" : [ "A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files and directories outside of the volume, including on the host filesystem.", "A flaw was found in Kubernetes. An authorized user can exploit this by creating pods with crafted subpath volume mounts to access files and directories outside of the volume, including on the host node's filesystem." ],
  "acknowledgement" : "Red Hat would like to thank the Kubernetes Security Response Committee for reporting this issue. Upstream acknowledges Fabricio Voznika (Google) and Mark Wolters (Google) as the original reporters.",
  "affected_release" : [ {
    "product_name" : "Red Hat OpenShift Container Platform 3.11",
    "release_date" : "2021-09-30T00:00:00Z",
    "advisory" : "RHSA-2021:3646",
    "cpe" : "cpe:/a:redhat:openshift:3.11::el7",
    "package" : "atomic-openshift-0:3.11.524-1.git.0.2dffce7.el7"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4.6",
    "release_date" : "2021-09-29T00:00:00Z",
    "advisory" : "RHSA-2021:3642",
    "cpe" : "cpe:/a:redhat:openshift:4.6::el7",
    "package" : "openshift-0:4.6.0-202109180038.p0.git.d5ed12c.assembly.stream.el7"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4.7",
    "release_date" : "2021-09-29T00:00:00Z",
    "advisory" : "RHSA-2021:3635",
    "cpe" : "cpe:/a:redhat:openshift:4.7::el7",
    "package" : "openshift-0:4.7.0-202109172126.p0.git.bbbc079.assembly.stream.el7"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4.8",
    "release_date" : "2021-09-28T00:00:00Z",
    "advisory" : "RHSA-2021:3631",
    "cpe" : "cpe:/a:redhat:openshift:4.8::el7",
    "package" : "openshift-0:4.8.0-202109180335.p0.git.a620f50.assembly.stream.el7"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Affected",
    "package_name" : "openshift4/ose-alibaba-cloud-csi-driver-container-rhel8",
    "cpe" : "cpe:/a:redhat:openshift:4"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2021-25741\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-25741\nhttps://groups.google.com/g/kubernetes-security-announce/c/nyfdhK24H7s" ],
  "name" : "CVE-2021-25741",
  "mitigation" : {
    "value" : "OpenShift Container Platform runs with SELinux in enforcing mode, which reduces the impact of this vulnerability, but does not completely prevent it from being exploited.",
    "lang" : "en:us"
  },
  "csaw" : false
}