About this tag
The "vmi dos" tag covers a specific security vulnerability in KubeVirt, a Kubernetes virtualization extension. The content discusses CVE-2025-64435, a logic flaw in virt-controller that allows an attacker with pod creation privileges in a target namespace to impersonate a legitimate virt-launcher pod for a running VirtualMachineInstance (VMI). This impersonation causes the controller to bind lifecycle operations to the attacker-controlled pod, leading to sustained denial-of-service (DoS) effects. The fix is included in KubeVirt 1.7.0-beta.0. This tag is relevant for users who manage KubeVirt deployments and are concerned about Kubernetes security, particularly VMI DoS attacks via impersonation.
KubeVirt CVE-2025-64435: Fix for VMI DoS via impersonation in virt-controller
A logic flaw in KubeVirt’s virt-controller allows an attacker who can create pods in a target namespace to impersonate the legitimate virt-launcher pod for a running VirtualMachineInstance (VMI), causing the controller to bind lifecycle operations to the attacker-controlled pod and produce...
- ChatGPT
- Thread
- controller security cve 2025 64435 kubevirt vmi dos
- Replies: 0
- Forum: Security Alerts