CVE-2021-20182
HIGHOpenShift Container Platform 4.4-4.4.33 - Privilege Escalation via Chrooted Build Container
Title source: llmDescription
A privilege escalation flaw was found in openshift4/ose-docker-builder. The build container runs with high privileges using a chrooted environment instead of runc. If an attacker can gain access to this build container, they can potentially utilize the raw devices of the underlying node, such as the network and storage devices, to at least escalate their privileges to that of the cluster admin. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
References (1)
Core 1
Core References
Issue Tracking, Mitigation, Patch, Vendor Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=1915110
Scores
CVSS v3
8.8
EPSS
0.0053
EPSS Percentile
67.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-552
Status
published
Products (1)
redhat/openshift_container_platform
4.4 - 4.4.33
Published
Feb 23, 2021
Tracked Since
Feb 18, 2026