Man-in-the-Middle (MitM) Affecting github.com/containernetworking/plugins/pkg/ip package, versions <0.8.6
Do your applications use this vulnerable package?
10 Jul 2020
8 Jun 2020
How to fix?
github.com/containernetworking/plugins/pkg/ip to version 0.8.6 or higher.
github.com/containernetworking/plugins/pkg/ip is a CNI network plugins, maintained by the containernetworking team.
Affected versions of this package are vulnerable to Man-in-the-Middle (MitM). A cluster configured to use an affected container networking implementation is susceptible to man-in-the-middle (MitM) attacks. By sending “rogue” router advertisements, a malicious container can reconfigure the host to redirect part or all of the IPv6 traffic of the host to the attacker-controlled container. Even if there was no IPv6 traffic before, if the DNS returns A (IPv4) and AAAA (IPv6) records, many HTTP libraries will try to connect via IPv6 first then fallback to IPv4, giving an opportunity to the attacker to respond.