Lucene search

[email protected]CVE-2020-8557

HistoryJul 23, 2020 - 5:15 p.m.

CVE-2020-8557

2020-07-2317:15:12

CWE-400

[email protected]

web.nvd.nist.gov

133

kubernetes

kubelet

cve-2020-8557

security

disk usage

pod

nvd

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

JSON

The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17.8 and 1.18.0-1.18.5 do not account for disk usage by a pod which writes to its own /etc/hosts file. The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral storage usage by a pod. If a pod writes a large amount of data to the /etc/hosts file, it could fill the storage space of the node and cause the node to fail.

Affected configurations

NVD

Node

kuberneteskubernetesRange<1.16.13

kuberneteskubernetesRange1.17.0–1.17.9

kuberneteskubernetesRange1.18.0–1.18.6

CPENameOperatorVersion
kubernetes:kuberneteskuberneteslt1.16.13
kubernetes:kuberneteskuberneteslt1.17.9
kubernetes:kuberneteskuberneteslt1.18.6

CPE	Name	Operator	Version
kubernetes:kubernetes	kubernetes	lt	1.16.13
kubernetes:kubernetes	kubernetes	lt	1.17.9
kubernetes:kubernetes	kubernetes	lt	1.18.6

CNA Affected

[
  {
    "product": "Kubernetes",
    "vendor": "Kubernetes",
    "versions": [
      {
        "status": "affected",
        "version": "1.15"
      },
      {
        "status": "affected",
        "version": "1.14"
      },
      {
        "status": "affected",
        "version": "1.13"
      },
      {
        "status": "affected",
        "version": "1.12"
      },
      {
        "status": "affected",
        "version": "1.11"
      },
      {
        "status": "affected",
        "version": "1.10"
      },
      {
        "status": "affected",
        "version": "1.9"
      },
      {
        "status": "affected",
        "version": "1.8"
      },
      {
        "status": "affected",
        "version": "1.7"
      },
      {
        "status": "affected",
        "version": "1.6"
      },
      {
        "status": "affected",
        "version": "1.5"
      },
      {
        "status": "affected",
        "version": "1.4"
      },
      {
        "status": "affected",
        "version": "1.3"
      },
      {
        "status": "affected",
        "version": "1.2"
      },
      {
        "status": "affected",
        "version": "1.1"
      },
      {
        "lessThan": "1.18.6",
        "status": "affected",
        "version": "1.18",
        "versionType": "custom"
      },
      {
        "lessThan": "1.17.9",
        "status": "affected",
        "version": "1.17",
        "versionType": "custom"
      },
      {
        "lessThan": "1.16.13",
        "status": "affected",
        "version": "1.16",
        "versionType": "custom"
      }
    ]
  }
]