CVE-2020-8557

Uncontrolled Resource Consumption in go/github.com/kubernetes/kubelet

Identifiers

CVE-2020-8557

Package Slug

go/github.com/kubernetes/kubelet

Vulnerability

Uncontrolled Resource Consumption

Description

The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral storage usage by a pod. If a pod writes a large amount of data to the /etc/hosts file, it could fill the storage space of the node and cause the node to fail.

Affected Versions

All versions before 1.16.13, all versions starting from 1.17.0 before 1.17.9, all versions starting from 1.18.0 before 1.18.6

Solution

Upgrade to versions 1.16.13, 1.17.9, 1.18.6 or above.
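
A check of kubelet version strings against the ranges listed above, as an added example that is not part of the original advisory or the Kubernetes code base. The function name `IsAffected` and the sample versions are assumptions made for illustration. Any pre-release or build suffix is ignored, so vendor-patched builds should be confirmed against the vendor's own notice.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// firstFixed maps each patched 1.x minor line to its first fixed patch
// release, as listed under "Affected Versions" and "Solution".
var firstFixed = map[int]int{16: 13, 17: 9, 18: 6}

// IsAffected reports whether a kubelet version string such as "v1.17.8"
// falls in the advisory's affected ranges. Assumption: any "-..." or "+..."
// suffix is ignored, so only major.minor.patch is compared.
func IsAffected(version string) (bool, error) {
	v := strings.TrimPrefix(strings.TrimSpace(version), "v")
	if i := strings.IndexAny(v, "-+"); i >= 0 {
		v = v[:i]
	}
	parts := strings.Split(v, ".")
	if len(parts) != 3 {
		return false, fmt.Errorf("expected major.minor.patch, got %q", version)
	}
	var n [3]int
	for i, p := range parts {
		x, err := strconv.Atoi(p)
		if err != nil || x < 0 {
			return false, fmt.Errorf("bad component %q in %q", p, version)
		}
		n[i] = x
	}
	major, minor, patch := n[0], n[1], n[2]
	switch {
	case major != 1:
		return major < 1, nil // 0.x is "before 1.16.13"; 2.x+ is not listed
	case minor < 16:
		return true, nil // every release line older than 1.16 is affected
	}
	fixed, listed := firstFixed[minor]
	return listed && patch < fixed, nil // 1.19+ is not in the advisory
}

func main() {
	// Constructed sample versions, not taken from a real cluster.
	for _, v := range []string{"v1.15.12", "v1.16.13", "v1.17.8+custom", "v1.18.5-build.1", "v1.19.0"} {
		affected, err := IsAffected(v)
		fmt.Println(v, affected, err)
	}
}
```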

Last Modified

2020-07-31
