The kubectl cp command copies files between containers and the user's machine. To copy files out of a container, kubectl runs tar inside the container to create an archive, streams it over the network, and then unpacks it locally on the user's machine. If the tar binary in the container is malicious, it can run arbitrary code and emit a crafted archive. An attacker can use this to write files to any path on the user's machine whenever kubectl cp is invoked, limited only by the filesystem permissions of the local user. Affected Kubernetes versions include 1.13.x before 1.13.9, 1.14.x before 1.14.5, 1.15.x before 1.15.2, and versions 1.1, 1.2, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11 and 1.12.
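The defence on the client side is to validate every archive member before anything is written. The Go snippet below is an added illustration, not kubectl's own patch: it builds constructed tar streams of the kind a container's tar would return, then rejects any member whose cleaned path, or whose symlink target, falls outside the destination directory. The destination path and member names are assumed for the example.

```go
package main

import (
	"archive/tar"
	"bytes"
	"fmt"
	"io"
	"path/filepath"
)
// buildArchive returns constructed test data standing in for what a container's tar sends back to kubectl cp: empty files, or symlinks for names present in links.
func buildArchive(links map[string]string, names ...string) []byte {
	var buf bytes.Buffer
	tw := tar.NewWriter(&buf)
	for _, n := range names {
		hdr := &tar.Header{Name: n, Mode: 0o644, Typeflag: tar.TypeReg}
		if target, ok := links[n]; ok {
			hdr.Typeflag, hdr.Linkname = tar.TypeSymlink, target
		}
		if err := tw.WriteHeader(hdr); err != nil {
			panic(err)
		}
	}
	tw.Close()
	return buf.Bytes()
}

// within reports whether candidate stays inside dest after lexical cleaning.
func within(dest, candidate string) bool {
	rel, err := filepath.Rel(dest, candidate)
	return err == nil && rel != ".." && (len(rel) < 3 || rel[:3] != "../")
}

// checkArchive inspects every member before anything is written and returns the local paths it would create, or an error at the first member or symlink that leaves dest.
func checkArchive(dest string, archive []byte) ([]string, error) {
	tr := tar.NewReader(bytes.NewReader(archive))
	var paths []string
	for hdr, err := tr.Next(); err != io.EOF; hdr, err = tr.Next() {
		if err != nil {
			return nil, err
		}
		p := filepath.Join(dest, hdr.Name)                      // Join re-roots absolute names under dest
		target := filepath.Join(filepath.Dir(p), hdr.Linkname) // Dir(p) itself for non-symlinks
		if !within(dest, p) || filepath.IsAbs(hdr.Linkname) || !within(dest, target) {
			return nil, fmt.Errorf("member %q (link %q) escapes %q", hdr.Name, hdr.Linkname, dest)
		}
		paths = append(paths, p)
	}
	return paths, nil
}
```

Go 1.20 and later can additionally make tar.Reader.Next refuse such member names (GODEBUG=tarinsecurepath=0), but the symlink-target check remains the caller's job.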
| Vulnerable Product |
|---|
| kubernetes kubernetes 1.12.11 |
| kubernetes kubernetes |
| redhat openshift container platform 3.9 |
| redhat openshift container platform 3.10 |
| redhat openshift container platform 3.11 |
| redhat openshift container platform 4.1 |
Lid lifted on container toolkit's two million lines of code, 34 vulnerabilities peer out
Container code cluster-fact: There's a hole in Kubernetes that lets miscreants cause havoc
The Cloud Native Computing Foundation (CNCF) today released a security audit of Kubernetes, the widely used container orchestration software, and the findings are about what you'd expect for a project with about two million lines of code: there are plenty of flaws that need to be addressed. The CNCF engaged two security firms, Trail of Bits and Atredis Partners, to poke around Kubernetes code over the course of four months. The companies looked at Kubernetes components involved in networking, cr...