Support Questions
Find answers, ask questions, and share your expertise

CVE-2018-11760: Apache Spark local privilege escalation vulnerability

CVE-2018-11760: Apache Spark local privilege escalation vulnerability

New Contributor

Hi All,

I have noticed a vulnerability reported for spark in https://spark.apache.org/security.html.

My organization is using HDP-2.6.5 which has the Spark version 2.2.x. How can I upgrade it to Spark-2.2.3 which is the mitigated version as per the doc.

Thanks,

Ratheesh

1 REPLY 1
Highlighted

Re: CVE-2018-11760: Apache Spark local privilege escalation vulnerability

Contributor

Hi, 

 

Based on the documentation [1], we notice that the HDP -2.6.5 already has Apache Spark 2.3.2 in it. 

We recommend upgrading HDP stack so that you can get an appropriate version of spark which comes with stack instead of manually installing spark.

 

[1] https://docs.cloudera.com/HDPDocuments/HDPforCloud/HDPforCloud-2.6.5/hdp-release-notes/content/hdp_c...