CVE-2025-0426

{"id": "CVE-2025-0426", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "jordan@liggitt.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.5}]}, "published": "2025-02-13T16:16:48.417", "references": [{"url": "https://github.com/kubernetes/kubernetes/issues/130016", "source": "jordan@liggitt.net"}, {"url": "https://groups.google.com/g/kubernetes-security-announce/c/KiODfu8i6w8", "source": "jordan@liggitt.net"}, {"url": "http://www.openwall.com/lists/oss-security/2025/02/13/1", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "jordan@liggitt.net", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk."}, {"lang": "es", "value": "Se descubri\u00f3 un problema de seguridad en Kubernetes donde una gran cantidad de solicitudes de puntos de control de contenedor realizadas al endpoint HTTP de solo lectura de kubelet no autenticado pueden provocar una denegaci\u00f3n de servicio de nodo al llenar el disco del nodo."}], "lastModified": "2025-02-13T17:17:19.863", "sourceIdentifier": "jordan@liggitt.net"}