[Security Advisory] CVE-2025-4563: Nodes can bypass dynamic resource allocation authorization checks

13 views
Skip to first unread message

Rita Zhang

unread,
Jun 18, 2025, 10:30:52 PMJun 18
to kubernetes-announce, dev, kubernetes-sec...@googlegroups.com, kubernetes-security-discuss, distributo...@kubernetes.io

Hello Kubernetes Community,


A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to perform equivalent validation during pod creation. This allows a compromised node to create mirror pods that access unauthorized dynamic resources, potentially leading to privilege escalation.


This issue has been rated Low (2.7) CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L, and assigned CVE-2025-4563.


Am I vulnerable?


All clusters that are using the DynamicResourceAllocation feature (disabled by default) and static pods together may be vulnerable.



Affected Versions

  • kube-apiserver: v1.32.0 - v1.32.5

  • kube-apiserver: v1.33.0 - 1.33.1

How do I mitigate this vulnerability?


This issue can be mitigated by:


  • If you're not actively using the DynamicResourceAllocation features, the safest and simplest action is to turn off the feature on the API server.

Fixed Versions

  • kube-apiserver >= v1.32.6 

  • kube-apiserver >= v1.33.2

Detection

All clusters that are using the DynamicResourceAllocation feature and static pods may be vulnerable.  Run the following command to see if the feature is in use:


kubectl get ResourceClaim --all-namespaces


and 


kubectl get pods --all-namespaces -o json | jq -r '

  .items[] 

  | select(.metadata.annotations["kubernetes.io/config.mirror"] == "true") 

  | "\(.metadata.namespace)/\(.metadata.name)"'


If you find evidence that this vulnerability has been exploited, please contact secu...@kubernetes.io


Thank You,


Rita Zhang on behalf of the Kubernetes Security Response Committee

Additional Details

See the GitHub issue for more details:

https://github.com/kubernetes/kubernetes/issues/132151


Acknowledgements


This vulnerability was reported by @amitschendel


The issue was fixed and coordinated by: 


Patrick Ohly @pohly

Jordan Liggitt @liggitt

Balaji @SaranBalaji90

Rita Zhang @ritazh

Marko Mudrinić @xmudrii



Thank You,

Rita Zhang on behalf of the Kubernetes Security Response Committee


Red Hat Product Security

unread,
Jun 19, 2025, 2:32:27 AMJun 19
to kubernetes-sec...@googlegroups.com, rita.z...@gmail.com, distributo...@kubernetes.io, kubernete...@googlegroups.com, kubernetes-se...@googlegroups.com, d...@kubernetes.io

Hello!

INC3695208 ([Security Advisory] CVE-2025-4563: Nodes can bypass dynamic resource allocation authorization checks) is pending your review.

Opened for: rita.z...@gmail.com
Followers: kubernete...@googlegroups.com, d...@kubernetes.io, kubernetes-sec...@googlegroups.com, kubernetes-se...@googlegroups.com, distributo...@kubernetes.io

Abhishek Raj updated your request with the following comments:

Hi Rita,
 
After reviewing the upstream CVSS rating of 2.7 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L) for this vulnerability, we have determined that it significantly under-represents both the attack conditions and potential impact. The upstream vector incorrectly marks Privileges Required as High (PR:H) and Attack Complexity as Low (AC:L). In Kubernetes, a node which is the actor in this scenario has limited API permissions and does not require elevated (admin-level) privileges to exploit the vulnerability. Therefore, PR should be Low. Additionally, exploitation requires a specific and complex set of conditions: the cluster must have the DynamicResourceAllocation feature enabled (which is off by default), static pods must be in use, and the attacker must already have control of a node to craft a mirror pod with access to unauthorized resources. These prerequisites justify marking Attack Complexity as High (AC:H). Moreover, the vulnerability allows access to potentially sensitive dynamic resources, justifying a High Confidentiality impact (C:H) and a Low Integrity impact (I:L) if resources are writable. Availability is not meaningfully affected, as kubelet typically prevents unauthorized pods from running. Based on this analysis, we assess the CVSS vector to be CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N, with a Base Score of 5.9 (Medium), which better reflects the true security implications.
 
Let me know your thoughts accordingly will proceed with our analysis on this .
 
Thanks,
Abhishek

How can I track and update my request?

To respond, reply to this email. You may also create a new email and include the request number (INC3695208) in the subject.

Thank you,
Product Security

 
Ref:MSG107332575

Rita Zhang

unread,
Jun 19, 2025, 2:46:09 PMJun 19
to Red Hat Product Security, kubernetes-sec...@googlegroups.com, distributo...@kubernetes.io, kubernete...@googlegroups.com, kubernetes-se...@googlegroups.com, d...@kubernetes.io
Thanks for the analysis Abhishek. Below are the rationales for the low CVSS score.

AV:N - The Kubernetes API server is accessible over the network.
AC:L - No special conditions are required; a compromised node can initiate the attack directly.
PR:H - The attacker must have control over a node. Nodes are considered high privileged. They can read secrets, create SA tokens, etc which has far more access than a user that has admin level access to a single namespace, for example.
UI:N - No user interaction is needed to exploit the issue.
S:U - If claim access control is fully enforced, no cross-boundary effects.
C:N - The kubelet won't start the pod, thus not granting the attacker access to the devices behind the referenced resource claim.  
I:N - The kubelet won't start the pod, thus not granting the attacker access to the devices behind the referenced resource claim. Attacker cannot alter protected resources via the exploit.
A:L - Exploit cannot disrupt usage of the claim since the pod won't start. Another pod referencing the claim is ignored by the control plane
--
Rita Zhang

Red Hat Product Security

unread,
Jun 19, 2025, 2:47:48 PMJun 19
to kubernetes-sec...@googlegroups.com, rita.z...@gmail.com, distributo...@kubernetes.io, kubernete...@googlegroups.com, kubernetes-se...@googlegroups.com, d...@kubernetes.io

Hello!

INC3695208 ([Security Advisory] CVE-2025-4563: Nodes can bypass dynamic resource allocation authorization checks) has been updated.

A Guest updated your request with the following comments:

> *How can I track and update my request?*
>
> To respond, reply to this email. You may also create a new email and
> include the request number (INC3695208) in the subject.
>
> Thank you,
> Product Security
>
> Ref:MSG107332575
>
 
 
--
Rita Zhang

How can I track and update my request?

To respond, reply to this email. You may also create a new email and include the request number (INC3695208) in the subject.

Thank you,
Product Security

 
Ref:MSG107364517

Red Hat Product Security

unread,
Jun 20, 2025, 7:31:11 AMJun 20
to kubernetes-sec...@googlegroups.com, rita.z...@gmail.com, distributo...@kubernetes.io, kubernete...@googlegroups.com, kubernetes-se...@googlegroups.com, d...@kubernetes.io

Hello!

INC3695208 ([Security Advisory] CVE-2025-4563: Nodes can bypass dynamic resource allocation authorization checks) has been resolved.

Abhishek Raj updated your request with the following comments:

Thanks you Rita for the rationals.

How can I track and update my request?

We want to make sure we have provided you with a complete resolution.

Please review the resolution detail and let us know whether you are all set by approving the resolution.

Thank you,
Product Security

 
Ref:MSG107389680
Reply all
Reply to author
Forward
0 new messages