A privilege escalation vulnerability was found in the incluster-checks tool for OpenShift. The tool creates privileged debug pods with host filesystem access in the shared default namespace, where any user with the standard edit role can exec into them and obtain root access on cluster nodes.
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Mon, 13 Jul 2026 13:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A privilege escalation vulnerability was found in the incluster-checks tool for OpenShift. The tool creates privileged debug pods with host filesystem access in the shared default namespace, where any user with the standard edit role can exec into them and obtain root access on cluster nodes. | |
| Title | Redhatinsights/incluster-checks: incluster-checks: privileged host-chroot debug pods created in shared default namespace enable privilege escalation to node root | |
| First Time appeared |
Redhat
Redhat pdrive Lightspeed |
|
| Weaknesses | CWE-250 | |
| CPEs | cpe:/a:redhat:pdrive_lightspeed:1 | |
| Vendors & Products |
Redhat
Redhat pdrive Lightspeed |
|
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2026-07-13T12:01:06.562Z
Reserved: 2026-07-13T11:47:02.045Z
Link: CVE-2026-15584
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses