vmi dos

The tag vmi dos covers a specific security vulnerability in KubeVirt, a Kubernetes virtualization extension. The content discusses CVE-2025-64435, a logic flaw in virt-controller that allows an attacker with pod creation privileges in a target namespace to impersonate a legitimate virt-launcher pod for a running VirtualMachineInstance (VMI). This impersonation causes the controller to bind lifecycle operations to the attacker-controlled pod, leading to sustained denial-of-service (DoS) effects. The fix is included in KubeVirt 1.7.0-beta.0. This tag is relevant for users managing KubeVirt deployments and concerned about Kubernetes security, particularly around VMI DoS attacks via impersonation.