GO-2025-3465 Node Denial of Service via kubelet Checkpoint API in k8s.io/kubernetes

🗓️ 03 Mar 2025 19:22:09Reported by GoogleType

osv

osv🔗 osv.dev👁 5 Views

Node Denial of Service vulnerability in kubelet Checkpoint API within Kubernetes software.

Reporter	Title	Published	Views	Family All 95
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a Node DOS vulnerability in Kubernetes [CVE-2025-0426]	31 Oct 202518:04	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Observability with Instana (OnPrem) is affected by multiple vulnerabilities	31 Jul 202514:21	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in Netcool Operations Insights.	20 Nov 202516:20	–	ibm
AlpineLinux	CVE-2025-0426	13 Feb 202515:16	–	alpinelinux
Tenable Nessus	Azure Linux 3.0 Security Update: kubernetes (CVE-2025-0426)	22 Jan 202600:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2025-0426	19 Aug 202500:00	–	nessus
BDU FSTEC	The vulnerability of the kubelet utility in the Kubernetes cluster management software allows a attacker to trigger a failure in the operation of the cluster.	9 Jun 202500:00	–	bdu_fstec
CBLMariner	CVE-2025-0426 affecting package kubernetes for versions less than 1.30.10-1	13 Mar 202515:10	–	cbl_mariner
Chainguard	CVE-2025-0426 vulnerabilities	13 Feb 202516:16	–	cgr
Circl	CVE-2025-0426	13 Feb 202515:23	–	circl

Source	Link
github	www.github.com/advisories/GHSA-jgfp-53c3-624w
openwall	www.openwall.com/lists/oss-security/2025/02/13/1
github	www.github.com/kubernetes/kubernetes/issues/130016
groups	www.groups.google.com/g/kubernetes-security-announce/c/KiODfu8i6w8

04 Feb 2026 04:03Current

6.2Medium risk

Vulners AI Score6.2

CVSS 3.16.2

EPSS0.00349

SSVC

node denial of service kubelet checkpoint api kubernetes software