CVE-2022-2835
Description
A flaw was found in CoreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of ..svc.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
CoreDNS mishandles FQDN queries for ..svc, allowing internal service rerouting.
Vulnerability
CVE-2022-2835 is a flaw in CoreDNS that arises when handling fully qualified domain name (FQDN) queries for internal Kubernetes services. The bug occurs in the plugin that processes service lookups in the format ..svc, allowing a malicious user to reroute internal calls to some internal services [2].
Exploitation
A remote attacker with the ability to craft DNS queries can exploit this by sending specially crafted requests that leverage the namespace-sensitive FQDN resolution. No authentication is required beyond network access to the DNS server, making this attack surface accessible to any client that can reach the CoreDNS instance [1][2].
Impact
Successful exploitation could redirect traffic intended for legitimate internal Kubernetes services to other services within the cluster. This can lead to data interception, service disruption, or further lateral movement depending on the attacker's objectives and the targeted service's permissions [2].
Mitigation
The vendor has acknowledged the issue; users should update to the latest patched version of CoreDNS. There are no known workarounds beyond applying the fix provided by the upstream project [1][2].
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| github.com/coredns/coredns (Go) | <= 1.9.3 | — |
Affected products
osv-coords, 18 versions (no CPE listed for any entry):

| Package URL | Affected range |
|---|---|
| pkg:apk/chainguard/coredns | < 0 |
| pkg:apk/chainguard/coredns-compat | < 0 |
| pkg:apk/chainguard/coredns-fips | < 0 |
| pkg:apk/chainguard/eks-distro-coredns-1.8 | < 0 |
| pkg:apk/chainguard/eks-distro-coredns-1.9 | < 0 |
| pkg:apk/chainguard/eks-distro-coredns-fips-1.10 | < 0 |
| pkg:apk/chainguard/juicefs-1.2 | < 1.2.4-r1 |
| pkg:apk/chainguard/juicefs-1.2-compat | < 1.2.4-r1 |
| pkg:apk/chainguard/juicefs-1.3 | < 1.3.0-r2 |
| pkg:apk/chainguard/juicefs-1.3-compat | < 1.3.0-r2 |
| pkg:apk/chainguard/kubernetes-dns-node-cache-1.17 | < 0 |
| pkg:apk/chainguard/kuma-coredns | < 0 |
| pkg:apk/wolfi/coredns | < 0 |
| pkg:apk/wolfi/coredns-compat | < 0 |
| pkg:apk/wolfi/juicefs-1.3 | < 1.3.0-r2 |
| pkg:apk/wolfi/juicefs-1.3-compat | < 1.3.0-r2 |
| pkg:apk/wolfi/kuma-coredns | < 0 |
| pkg:golang/github.com/coredns/coredns | <= 1.9.3 |
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- github.com/advisories/GHSA-ch7v-37xg-75ph (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2022-2835 (ghsa, ADVISORY)
- bugzilla.redhat.com/show_bug.cgi (ghsa, WEB)
News mentions
No linked articles in our index yet.