Kubernetes is de facto standard in Linux container orchestration. It makes it possible to orchestrate containerized applications together, enabling composite services comprised of hundreds, or even thousands, of “simpler” services.
Like all software, Kubernetes is not immune to security issues. A new privilege escalation flaw has been discovered that makes it possible for any user to gain full administrator privileges on any compute node being run in a Kubernetes pod.
Red Hat has begun delivering patches and pushed service updates to affected users, enabling them to address this flaw either immediately or when it best fits their specific risk profile. A more detailed account of the Kubernetes privilege escalation flaw can be found at red.ht/KFix