This is a clone of issue OCPBUGS-55954. The following is the description of the original issue:
—
This is a clone of issue OCPBUGS-55747. The following is the description of the original issue:
—
This is a clone of issue OCPBUGS-55695. The following is the description of the original issue:
—
This is a clone of issue OCPBUGS-55636. The following is the description of the original issue:
—
This is a clone of issue OCPBUGS-55498. The following is the description of the original issue:
—
This is a clone of issue OCPBUGS-55470. The following is the description of the original issue:
—
This is a clone of issue OCPBUGS-42044. The following is the description of the original issue:
—
Description of problem:
With the disclosure and patch of CVE-2024-45496, we must ensure that future versions of OpenShift do not allow the git clone container to run privileged. Git has fundamental weaknesses which allow a potential attacker with "edit" permissions to execute arbitrary commands.
Version-Release number of selected component (if applicable):
4.18
How reproducible:
Always
Steps to Reproduce:
N/A
Actual results:
N/A
Expected results:
N/A
Additional info:
See [CVE-2024-45496|https://access.redhat.com/security/cve/CVE-2024-45496]
- clones
-
OCPBUGS-55954 [build] Ensure Git Clone Does Not Run Privileged
-
- Closed
-
- is blocked by
-
OCPBUGS-55954 [build] Ensure Git Clone Does Not Run Privileged
-
- Closed
-
- links to
-
RHBA-2025:10270 OpenShift Container Platform 4.12.78 bug fix update