CVE-2025-5187
Nodes can delete themselves by adding an OwnerReference
A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently deleted, the given node object will be deleted via garbage collection.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
Productos afectados
Kubernetes · Kubernetes¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →