Kubernetes CLI tool security flaw lets attackers run code on host machine
The Kubernetes project today patched a dangerous security flaw that could allow for clever hacks in which attackers run code on the host machine. The vulnerability doesn’t impact the Kubernetes system itself, but kubectl (Kube control), the official command-line utility for working with Kubernetes installations. Security researchers discovered the flaw in the kubectl cp (copy) operation, which is used to transfer files from containers to a user’s host machine.
Exploiting this flaw isn’t simple, as an attacker would first need to place malicious files inside a Kubernetes container and then wait for a Kubernetes admin to transfer those files to their system. The malicious files would execute automatically; however, the attack also relies on luck and a little bit of social engineering. Nevertheless, Wei Lien Dang, Co-Founder and Vice President of Product at StackRox, sees this vulnerability as very dangerous.
This vulnerability, tracked as CVE-2019-11246, was discovered by Charles Holmes of Atredis Partners as part of a security audit sponsored by the Cloud Native Computing Foundation.