{"uuid": "109b6cc3-c553-40f9-b5d9-5ff87ba1630f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1767", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/5107", "content": "\u0412 \u043f\u043e\u0441\u0442\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u043d \u043f\u0440\u0438\u043c\u0435\u0440 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043e\u043d \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u0440\u043e\u0441\u0442.\n\nThere\u2019s a new Kubernetes security vulnerability that\u2019s just been disclosed and I thought it was worth taking a look at it, as there\u2019s a couple of interesting aspects to it. CVE-2025-1767 exists in the gitRepo volume type and can allow users who can create pods with gitRepo volumes to get access to any other git repository on the node where the pod is deployed.\n. . .\nPatching & Mitigation\n\nThe patching situation for this vulnerability is interesting. The CVE description says that a patch will not be provided as gitRepo volumes are deprecated, which is true. However, this volume type is enabled by Kubernetes by default and there is no flag or switch that would allow a cluster operator to disable it.\n\nIn practice, if you don\u2019t use gitRepo volumes, you can mitigate this in a couple of ways. If you don\u2019t need git on your nodes you can just remove it there (assuming un-managed Kubernetes of course), and you can also block the use of these volumes using Validating Admission Policy or similar admission controllers.\nCVE-2025-1767 - Another gitrepo issue\nhttps://raesene.github.io/blog/2025/03/14/cve-2025-1767-another-gitrepo-issue/\n\n\u041f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0439 \u043f\u043e\u0441\u0442 \u0438\u0437 \u044d\u0442\u043e\u0439 \u0441\u0435\u0440\u0438\u0438\nFun With GitRepo Volumes\nhttps://raesene.github.io/blog/2024/07/10/Fun-With-GitRepo-Volumes/\n\n\u0421\u043f\u0430\u0441\u0438\u0431\u043e \u043f\u043e\u0434\u043f\u0438\u0441\u0447\u0438\u043a\u0443 \u0437\u0430 \u0441\u0441\u044b\u043b\u043a\u0443", "creation_timestamp": "2025-03-15T16:15:16.000000Z"}