CVE-2018-8029

Summary

In Apache Hadoop versions 3.0.0-alpha1 to 3.1.0, 2.9.0 to 2.9.1, and 2.2.0 to 2.8.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user.

Affected Software

VendorProductVersion RangeStatus
n/aApache HadoopApache Hadoop 3.0.0-alpha1 to 3.1.0, 2.9.0 to 2.9.1, 2.2.0 to 2.8.4affected

Weaknesses

  • Privilege Escalation

ADP Enrichment

CVE Program Container

Additional References

References