Security News > 2021 > April > Security Bug Allows Attackers to Brick Kubernetes Clusters

Security Bug Allows Attackers to Brick Kubernetes Clusters
2021-04-14 20:56

A vulnerability in one of the Go libraries that Kubernetes is based on could lead to denial of service for the CRI-O and Podman container engines.

"Through this vulnerability, malicious actors could jeopardize any containerized infrastructure that relies on these vulnerable container engines, including Kubernetes and OpenShift," Sasson said in a Wednesday posting.

The containers/storage library is used by CRI-O and Podman to handle storage and download of container images.

Podman meanwhile will fail to pull new images, retrieve running pods, start new containers, exec into containers, retrieve existing images or kill existing containers, he said.

The impact could be fairly wide: "As of Kubernetes v1.20, Docker is deprecated and the only container engines supported are CRI-O and Containerd," Sasson explained.

Cloud container security continues to be a focus for users - and for cyberattackers.


News URL

https://threatpost.com/security-bug-brick-kubernetes-clusters/165413/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Kubernetes 19 5 45 35 8 93