Unrated severityNVD Advisory· Published May 24, 2023· Updated Jan 16, 2025
runAsNonRoot logic bypass for Windows containers
CVE-2021-25749
Description
Windows workloads can run as ContainerAdministrator even when those workloads set the runAsNonRoot option to true.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
18- osv-coords17 versionspkg:apk/chainguard/kubeadm-1.20pkg:apk/chainguard/kube-apiserver-1.20pkg:apk/chainguard/kube-controller-manager-1.20pkg:apk/chainguard/kubectl-1.20pkg:apk/chainguard/kubectl-bash-completion-1.20pkg:apk/chainguard/kubelet-1.20pkg:apk/chainguard/kube-proxy-1.20pkg:apk/chainguard/kubernetes-1.20pkg:apk/chainguard/kubernetes-1.20-defaultpkg:apk/chainguard/kubernetes-pause-3.4pkg:apk/chainguard/kube-scheduler-1.20pkg:rpm/suse/kubernetes1.23&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/kubernetes1.23&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOSpkg:rpm/suse/kubernetes1.23&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/kubernetes1.23&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP4pkg:rpm/suse/kubernetes1.23&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/kubernetes1.23&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
< 0+ 16 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 1.23.17-150300.7.6.1
- (no CPE)range: < 1.23.17-150300.7.6.1
- (no CPE)range: < 1.23.17-150300.7.6.1
- (no CPE)range: < 1.23.17-150300.7.6.1
- (no CPE)range: < 1.23.17-150300.7.6.1
- (no CPE)range: < 1.23.17-150300.7.6.1
- Range: kubelet v1.22.0 - v1.22.13
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.