Lars Haugan

**Name of the Vulnerable Software and Affected Versions** OpenShift Container Platform versions prior to 3.7 **Description** The issue is related to an out-of-bounds write that can occur when patching an OpenShift object using the `oc patch` functionality. This can be exploited to cause a denial of service attack on the OpenShift master API service, which provides cluster management. A malicious JSON patch can cause a panic due to an out-of-bounds write attempt, potentially serving as a denial of service vector if exposed to arbitrary user input. **Recommendations** For OpenShift Container Platform versions prior to 3.7, update to version 3.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the `oc patch` functionality to minimize the risk of exploitation. Avoid using the `oc patch` command with untrusted input until the issue is resolved.