Kubernetes · Kubernetes · CVE-2020-8557
**Name of the Vulnerable Software and Affected Versions**
Kubernetes versions 1.1 through 1.16.12
Kubernetes versions 1.17.0 through 1.17.8
Kubernetes versions 1.18.0 through 1.18.5
**Description**
The issue is in the kubelet component of Kubernetes, which fails to account for disk usage by a pod that writes to its own /etc/hosts file. The /etc/hosts file that the kubelet mounts into a pod is not included when the kubelet eviction manager calculates the pod's ephemeral storage usage. As a result, a pod can fill the node's storage space and cause the node to fail.
**Recommendations**
For Kubernetes versions 1.1 through 1.16.12, consider restricting access to the /etc/hosts file to prevent excessive writing.
For Kubernetes versions 1.17.0 through 1.17.8, consider implementing a workaround to monitor and limit disk usage by pods.
For Kubernetes versions 1.18.0 through 1.18.5, consider disabling the writing of large amounts of data to the /etc/hosts file until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
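One way to do the monitoring suggested above is to check, on each node, the size of the hosts files the kubelet manages for its pods. The script below is an added example, not part of the original advisory or of Kubernetes itself; it assumes the default kubelet root directory (hosts files at `/var/lib/kubelet/pods/<pod-uid>/etc-hosts`), and the function name and the `KUBELET_PODS_DIR` variable are hypothetical.

```shell
#!/bin/sh
# Added example: report kubelet-managed pod hosts files above a size threshold.
# Assumption: default kubelet root dir, where each pod's hosts file is
# /var/lib/kubelet/pods/<pod-uid>/etc-hosts.

# find_large_etc_hosts PODS_DIR MAX_BYTES
# Prints "<pod-uid> <size-bytes>" for every etc-hosts file larger than MAX_BYTES.
# Returns 0 if none are oversized, 1 if at least one is, 2 on bad arguments.
find_large_etc_hosts() {
    pods_dir=$1
    max_bytes=$2
    found=0
    [ -d "$pods_dir" ] || { echo "no such directory: $pods_dir" >&2; return 2; }
    case $max_bytes in
        ''|*[!0-9]*) echo "MAX_BYTES must be a non-negative integer" >&2; return 2 ;;
    esac
    for f in "$pods_dir"/*/etc-hosts; do
        # Skip an unmatched glob and anything that is not a plain regular file.
        [ -f "$f" ] && [ ! -L "$f" ] || continue
        size=$(wc -c < "$f" | tr -d ' ')
        if [ "$size" -gt "$max_bytes" ]; then
            # The parent directory name is the pod UID.
            uid=$(basename "$(dirname "$f")")
            echo "$uid $size"
            found=1
        fi
    done
    return $found
}

# When called with a threshold (in bytes), scan the node's pod directory.
# KUBELET_PODS_DIR is a hypothetical override for non-default kubelet roots.
if [ $# -ge 1 ]; then
    find_large_etc_hosts "${KUBELET_PODS_DIR:-/var/lib/kubelet/pods}" "$1"
fi
```

Run it on a node with a threshold such as `1048576` (1 MiB); a reported pod UID can be matched against `metadata.uid` in the pod list to identify the workload.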