CVE-2020-8557 — Vulnetix

Try Vulnetix Request Demo

CVE-2020-8557 REJECTED

The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17.8 and 1.18.0-1.18.5 do not account for disk usage by a pod which writes to its own /etc/hosts file. The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral storage usage by a pod. If a pod writes a large amount of data to the /etc/hosts file, it could fill the storage space of the node and cause the node to fail.

EPSS 0.11% · 29.6th percentile

Risk Scores

EPSS Score

0.11%

29.6th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:24.04:LTS	kubernetes	0, 1.0
Ubuntu:22.04:LTS	kubernetes	0, 1.0
Ubuntu:Pro:20.04:LTS	kubernetes	0, 1.0

Timeline

CVE Published
Jul 22, 2020 PoC Published
Apr 14, 2021 EPSS Score
Jun 22, 2021 EPSS Score
Aug 23, 2021 EPSS Score
Oct 24, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Feb 25, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Apr 28, 2022 EPSS Score
Jun 29, 2022 EPSS Score

References

https://ubuntu.com/security/CVE-2020-8557 third-party-advisory
https://github.com/kubernetes/kubernetes/issues/93032 third-party-advisory
https://github.com/kubernetes/kubernetes/pull/92916 third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2020-8557 third-party-advisory

Open in Interactive Console →