Red Hat OpenShift: CVE-2021-25735: kubernetes: Validating Admission Webhook does not observe some previous fields
Description
A vulnerability was found in Kubernetes' kube-apiserver that could allow Node updates to bypass a Validating Admission Webhook. An authenticated user could exploit this by modifying Node properties to values that should have been prevented by registered admission webhooks.
Solution(s)
linuxrpm-upgrade-openshift
Referenceshttps://attackerkb.com/topics/cve-2021-25735CVE - 2021-25735RHSA-2021:2437