PT-2022-14121 · Kubevirt+1
Diane Dubois +3 · Published 2022-08-18 · Updated 2024-08-21 · CVE-2022-1798
CVSS v3.1: 8.7 High
Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:H
Name of the Vulnerable Software and Affected Versions
KubeVirt versions up to 0.56
KubeVirt version 0.55.1
Description
A path traversal vulnerability in KubeVirt allows a user who is able to configure KubeVirt to read arbitrary files on the host filesystem. Read operations are limited to files which are publicly readable or which are readable for UID 107 or GID 107. /proc/self/<> is not accessible. SELinux may mitigate this vulnerability.
Recommendations
For KubeVirt versions up to 0.56 and for KubeVirt version 0.55.1, sanitize the imagePath in pkg/container-disk/container-disk.go following ISE best practices and add checks in pkg/virt-api/webhooks/validating-webhook/admitters/vmi-create-admitter.go to mitigate the vulnerability.
As a temporary workaround, consider restricting access to sensitive files on the host filesystem to minimize the risk of exploitation.
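One way to express the two recommended checks, as an added example that is not KubeVirt's own code or its actual patch: a validation step of the kind an admission webhook could apply to a user-supplied imagePath, and a confinement step applied again where the path is used. The function names ValidateImagePath and ConfineToRoot, the rule that an empty path means the default location, and the mount point in main are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"path/filepath"
	"strings"
)

// ValidateImagePath is a hypothetical admission-time check: the path must be
// absolute, already canonical, and free of "." and ".." segments.
func ValidateImagePath(p string) error {
	if p == "" {
		return nil // assumption: empty means "use the default image location"
	}
	if !filepath.IsAbs(p) {
		return fmt.Errorf("imagePath %q must be an absolute path", p)
	}
	for _, seg := range strings.Split(p, "/") {
		if seg == "." || seg == ".." {
			return fmt.Errorf("imagePath %q contains a relative component", p)
		}
	}
	if filepath.Clean(p) != p {
		return fmt.Errorf("imagePath %q is not in canonical form", p)
	}
	return nil
}

// ConfineToRoot is a hypothetical use-time check: re-validate p, join it under
// root, and confirm the result is still inside root (lexical; no symlinks).
func ConfineToRoot(root, p string) (string, error) {
	if err := ValidateImagePath(p); err != nil {
		return "", err
	}
	joined := filepath.Join(root, p)
	rel, err := filepath.Rel(root, joined)
	if err != nil || rel == ".." || strings.HasPrefix(rel, "../") {
		return "", fmt.Errorf("imagePath %q escapes %q", p, root)
	}
	return joined, nil
}

func main() {
	root := "/mnt/container-disks/vol0" // constructed sample mount point
	for _, p := range []string{"/disk/image.qcow2", "/disk/../../etc/hostname", "disk.img"} {
		out, err := ConfineToRoot(root, p)
		fmt.Printf("%-28q -> %q err=%v\n", p, out, err)
	}
}
```

Both checks are lexical, so a symlink placed inside the root still has to be handled when the file is opened.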
Exploit
Fix
Path traversal
RCE
Related Identifiers
Affected Products
Kubevirt
Suse