
10 matches found

SUSE CVE
added 2025/11/11 12:23 a.m. | 2 views

SUSE CVE-2025-64436

KubeVirt is a virtual machine management add-on for Kubernetes. In 1.5.0 and earlier, the permissions granted to the virt-handler service account, such as the ability to update VMI and patch nodes, could be abused to force a VMI migration to an attacker-controlled node. This vulnerability could...

CVSS 6.9 | AI score 6.8 | EPSS 0.00226
Exploits: 1 | References: 3
Snyk
added 2025/11/07 11:46 p.m. | 3 views

Incorrect Default Permissions

Overview: Affected versions of this package are vulnerable to Incorrect Default Permissions due to excessive permissions granted to the virt-handler service account. An attacker can initiate unauthorized migrations of virtual machine instances to attacker-controlled nodes or mark all nodes as...

CVSS 6.9 | AI score 5.5 | EPSS 0.00226
Exploits: 1 | References: 2
Snyk
added 2025/11/07 11:46 p.m. | 2 views

Incorrect Default Permissions

Overview: Affected versions of this package are vulnerable to Incorrect Default Permissions due to excessive permissions granted to the virt-handler service account. An attacker can initiate unauthorized migrations of virtual machine instances to attacker-controlled nodes or mark all nodes as...

CVSS 6.9 | AI score 5.5 | EPSS 0.00226
Exploits: 1 | References: 2
NVD
added 2025/11/07 11:15 p.m. | 6 views

CVE-2025-64436

KubeVirt is a virtual machine management add-on for Kubernetes. In 1.5.0 and earlier, the permissions granted to the virt-handler service account, such as the ability to update VMI and patch nodes, could be abused to force a VMI migration to an attacker-controlled node. This vulnerability could...

CVSS 6.9 | EPSS 0.00226
Exploits: 1 | References: 1
OSV
added 2025/11/07 11:15 p.m. | 2 views

AZL-69967 CVE-2025-64436 affecting package kubevirt 0.59.0-38

KubeVirt is a virtual machine management add-on for Kubernetes. In 1.5.0 and earlier, the permissions granted to the virt-handler service account, such as the ability to update VMI and patch nodes, could be abused to force a VMI migration to an attacker-controlled node. This vulnerability could...

CVSS 6.9 | AI score 6 | EPSS 0.00226
Exploits: 1 | References: 1
OSV
added 2025/11/07 11:15 p.m. | 1 views

AZL-69790 CVE-2025-64436 affecting package kubevirt for versions less than 1.6.3-1

KubeVirt is a virtual machine management add-on for Kubernetes. In 1.5.0 and earlier, the permissions granted to the virt-handler service account, such as the ability to update VMI and patch nodes, could be abused to force a VMI migration to an attacker-controlled node. This vulnerability could...

CVSS 6.9 | AI score 6 | EPSS 0.00226
Exploits: 1 | References: 1
CVE
added 2025/11/07 10:59 p.m. | 13 views

CVE-2025-64436

KubeVirt CVE-2025-64436 affects the virt-handler service account in KubeVirt up to version 1.5.0, where overprivileged permissions (e.g., updating VMI, patching nodes) could be abused to migrate a VMI to an attacker-controlled node or mark all nodes as unschedulable, potentially forcing privilege...

CVSS 6.9 | AI score 6.4 | EPSS 0.00226
Exploits: 1 | References: 1 | Affected Software: 1
Vulnrichment
added 2025/11/07 10:59 p.m. | 2 views

CVE-2025-64436 KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes

KubeVirt is a virtual machine management add-on for Kubernetes. In 1.5.0 and earlier, the permissions granted to the virt-handler service account, such as the ability to update VMI and patch nodes, could be abused to force a VMI migration to an attacker-controlled node. This vulnerability could...

CVSS 6.9 | AI score 6.2 | EPSS 0.00226
Exploits: 1 | References: 1
Positive Technologies
added 2025/11/06 12:0 a.m. | 3 views

PT-2025-45439

Name of the Vulnerable Software and Affected Versions: KubeVirt versions prior to 1.5.0. Description: KubeVirt, a virtual machine management add-on for Kubernetes, has an issue where permissions granted to the virt-handler service account could be misused. Specifically, the ability to update VMIs an...

CVSS 6.9 | AI score 5.5 | EPSS 0.00226
Exploits: 1 | References: 13
Hacker One
added 2021/02/04 4:40 p.m. | 17 views

Kubernetes: Node Validation Admission does not observe all oldObject fields

Summary: The Validating Admission webhook for Node Objects is passing oldObject fields incorrectly on AdmissionReview.Request. It was identified initially in metadata.labels, but a list of impacted fields follows below: oldNode.Spec.PodCIDRs, oldNode.Spec.ProviderID, oldNode.Spec.ConfigSource...

AI score 0.1
Exploits: 0