CRITICAL🇵🇱 Wersja polska

CVE-2026-7374

CVSS 9.9v3.1pub. 2026-05-26upd. 2026-06-30

A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host's container runtime (CRI-O) socket, an attacker can hijack virt-handler's privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster.

🤖 AI Analysis
How it works

The vulnerability results from improper symlink validation (CWE-59) when establishing connections to virtual machine console sockets through the virt-handler component. An attacker replaces the console socket with a symbolic link (symlink) pointing to the CRI-O container runtime environment socket on the host. As a result, virt-handler, running with elevated privileges, unknowingly connects to the substituted socket, giving the attacker access to any Unix socket on the host.

Impact

An attacker can gain full control over a Kubernetes/OpenShift cluster node and subsequently expand the attack to the entire cluster, which includes compromising the confidentiality, integrity, and availability of all resources.

Mitigation & patch

Apply patches available from the vendor according to the references (https://access.redhat.com/security/cve/CVE-2026-7374). As a temporary workaround, consider restricting edit permissions in namespaces to trusted users and monitoring access to virtual machine console sockets.

Who is affected

KubeVirt — virt-handler component running in OpenShift environments; specific versions indicated in vendor references (Red Hat Bugzilla #2463728)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Container
CWE
References