PT-2018-12628 · Red Hat · OpenShift Container Platform

Jason Shepherd

Published: 2018-09-06 · Updated: 2023-02-07

CVE-2018-14632

CVSS v3.1: 7.7 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions

OpenShift Container Platform versions prior to 3.7

Description

The issue is an out-of-bounds write that can occur when patching an OpenShift object through the oc patch functionality. It can be exploited to cause a denial of service against the OpenShift master API service, which provides cluster management. A malicious JSON patch triggers a panic from the out-of-bounds write attempt, so the patch path is a denial of service vector wherever it is exposed to arbitrary user input.

Recommendations

Update OpenShift Container Platform versions prior to 3.7 to version 3.7 or later to resolve the issue. As a temporary workaround, restrict access to the oc patch functionality to reduce the risk of exploitation, and avoid using the oc patch command with untrusted input until the fix is applied.

Fix

Weakness Enumeration

Memory Corruption

Related Identifiers

CVE-2018-14632
GHSA-GXHV-3HWF-WJP9
GO-2021-0076
RHSA-2018:2654
RHSA-2018:2709
RHSA-2018:2906
RHSA-2018:2908

Affected Products

OpenShift Container Platform