CVE-2018-8029: Privilege escalation vulnerability in Apache Hadoop
8.8
CVSS Score
3.0
Basic Information
CVE ID
GHSA ID
EPSS Score
0.81767%
CWE
Published
5/31/2019
Updated
1/9/2023
KEV Status
No
Technology
Java
Technical Details
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
org.apache.hadoop:hadoop-main | maven | >= 2.2.0, < 2.8.4 | 2.8.4 |
org.apache.hadoop:hadoop-main | maven | >= 2.9.0, < 2.9.2 | 2.9.2 |
org.apache.hadoop:hadoop-main | maven | >= 3.0.0, < 3.1.1 | 3.1.1 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability centers around improper authorization in YARN container execution. Analysis of Hadoop's architecture reveals that:
- LinuxContainerExecutor.startContainer() is the primary method for launching containers with user privileges
- The vulnerability description explicitly mentions privilege escalation from yarn to root
- Historical Hadoop vulnerabilities (CVE-2016-3086) show similar patterns in container execution paths
- The CWE-285 classification indicates missing authorization checks in security-sensitive operations While exact patch details are unavailable, these functions are central to container privilege management and match the vulnerability's behavioral profile.