Red Hat recently announced information about CVE-2018-1111, a vulnerability in the integration between Network Manager and DHCP present in Red Hat Enterprise Linux.

OpenShift Online and Dedicated run on top of RHEL and as such have the vulnerable package installed. However, because each cluster is contained within individual private networks all of the common ways to exploit this flaw are effectively removed.

Regardless, due to the severity of the vulnerability all OpenShift cluster nodes were patched starting on the morning of May 15th once the updated packages were publically released. Remediation for all nodes finished within 24 hours, following the preferred maintenance window for each cluster.

For more information, please refer to the vulnerability article available at https://access.redhat.com/security/vulnerabilities/3442151.

Red Hat OpenShift SRE Team


About the author

Dave Baker has been with Red Hat since 2017.  He's currently working as a Design Architect in the Secure Engineering team within Product Security, and has spent the last years in various security related roles helping to protect Red Hat OpenShift Container Platform and many other products.

Read full bio