VYPR
Low severity · CVSS 2.7 · GHSA Advisory · Published Jun 23, 2025 · Updated Apr 15, 2026

CVE-2025-4563

Description

A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to perform equivalent validation during pod creation. This allows a compromised node to create mirror pods that access unauthorized dynamic resources, potentially leading to privilege escalation.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

The NodeRestriction admission controller in Kubernetes fails to validate dynamic resource allocation authorization during pod creation, allowing compromised nodes to create mirror pods that access unauthorized dynamic resources.

Vulnerability Overview

A vulnerability exists in the Kubernetes NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks [1][2]. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to perform equivalent validation during pod creation [1]. This oversight allows a compromised node to create mirror pods that reference ResourceClaims or ResourceClaimTemplates without proper authorization [2][3].

Attack Vector and Prerequisites

The vulnerability is exploitable only when the DynamicResourceAllocation feature gate is enabled (it is disabled by default) and the cluster uses static pods [2]. A node must already be compromised to create mirror pods, so the attacker requires high privileges (PR:H) [1][2]. The attack vector is network-based with low complexity, and no user interaction is needed [1][2]. The kubelet does check the claim's allowed pod list before starting a pod, which provides a second layer of defense; however, a static pod could still be created and potentially access the claim before the kubelet's runtime check [3][4].

Impact

A successful exploit could allow a compromised node to create mirror pods that access dynamic resources allocated to other pods, potentially leading to privilege escalation within the cluster [1][2]. The CVSS v3.1 score is 2.7 (Low) with a vector of AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L, indicating limited impact primarily to availability [1][2]. In practice, DRA drivers typically manage node-local resources that can already be accessed without involving DRA, so the real-world impact may be limited [3][4].

Mitigation and Remediation

The vulnerability is fixed in kube-apiserver versions >= v1.32.6 and >= v1.33.2 [2]. The patch, merged via pull requests #131844 and #131876, rejects static pods that reference ResourceClaims or ResourceClaimTemplates at multiple levels: configuration validation in the kubelet, admission checking of node restrictions, and API validation [3][4]. As a workaround, if not actively using DynamicResourceAllocation features, administrators should disable the feature gate on the API server [2]. Detection involves checking for ResourceClaims and static pods in the cluster using kubectl commands [2].
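As an added detection example (not code from the advisory or from the Kubernetes project), the filter below runs over the JSON produced by `kubectl get pods -A -o json` and lists mirror pods, identified by the kubelet's `kubernetes.io/config.mirror` annotation, whose spec references a ResourceClaim or ResourceClaimTemplate; on a patched cluster such pods should not exist. The pod list embedded here is constructed sample data; pipe real `kubectl` output into the script to run it against a cluster.

```python
import json
import sys

MIRROR_ANNOTATION = "kubernetes.io/config.mirror"  # kubelet sets this on mirror pods


def is_mirror_pod(pod: dict) -> bool:
    """Static pods appear in the API as mirror pods carrying this annotation."""
    return MIRROR_ANNOTATION in (pod.get("metadata", {}).get("annotations") or {})


def dra_references(pod: dict) -> list[str]:
    """Names of the ResourceClaims / ResourceClaimTemplates a pod spec references."""
    refs = []
    for claim in pod.get("spec", {}).get("resourceClaims") or []:
        # A PodResourceClaim entry carries one of these two fields.
        if claim.get("resourceClaimName"):
            refs.append("ResourceClaim/" + claim["resourceClaimName"])
        if claim.get("resourceClaimTemplateName"):
            refs.append("ResourceClaimTemplate/" + claim["resourceClaimTemplateName"])
    return refs


def find_mirror_pods_with_claims(pod_list: dict) -> list[dict]:
    """Mirror pods referencing DRA objects; the fix rejects these, so any hit needs a look."""
    findings = []
    for pod in pod_list.get("items", []):
        refs = dra_references(pod)
        if is_mirror_pod(pod) and refs:
            meta = pod["metadata"]
            findings.append({"namespace": meta.get("namespace", "default"),
                             "pod": meta["name"],
                             "node": pod.get("spec", {}).get("nodeName"),
                             "claims": refs})
    return findings


# Constructed sample: a normal pod with a claim (fine) and a mirror pod with a
# claim template reference (the pattern to flag).
SAMPLE_POD_LIST = {"items": [
    {"metadata": {"name": "worker-0", "namespace": "apps"},
     "spec": {"nodeName": "node-a",
              "resourceClaims": [{"name": "gpu", "resourceClaimName": "gpu-claim"}]}},
    {"metadata": {"name": "static-node-b", "namespace": "kube-system",
                  "annotations": {MIRROR_ANNOTATION: "constructed-hash"}},
     "spec": {"nodeName": "node-b",
              "resourceClaims": [{"name": "gpu", "resourceClaimTemplateName": "gpu-template"}]}},
]}

if __name__ == "__main__":
    data = SAMPLE_POD_LIST if sys.stdin.isatty() else json.load(sys.stdin)
    for f in find_mirror_pods_with_claims(data):
        print(f"{f['namespace']}/{f['pod']} on {f['node']}: {', '.join(f['claims'])}")
```

Pair this with `kubectl get resourceclaims -A` to see which claims exist at all; an empty result on a cluster that does not use DRA is the cue to disable the feature gate as the advisory suggests.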

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package              Ecosystem   Affected versions       Patched versions
k8s.io/kubernetes    Go          >= 1.32.0, < 1.32.6     1.32.6
k8s.io/kubernetes    Go          >= 1.33.0, < 1.33.2     1.33.2

Affected products: 1

Patches: 0 (no patches discovered yet)


References: 8
