CVE-2020-8557
go/github.com/kubernetes/kubelet
Uncontrolled Resource Consumption
The /etc/hosts
file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral storage usage by a pod. If a pod writes a large amount of data to the /etc/hosts
file, it could fill the storage space of the node and cause the node to fail.
All versions before 1.16.13, all versions starting from 1.17.0 before 1.17.9, all versions starting from 1.18.0 before 1.18.6
Upgrade to versions 1.16.13, 1.17.9, 1.18.6 or above.
2020-07-31
source |