Impact
Longhorn manages privileged pods that run on every node of a Kubernetes cluster for volume replica management. Each pod container runs as root and exposes a gRPC service on TCP port 8500. The service is accessible by any workload in the cluster without authentication. A malicious workload can take advantage of this service to execute any binary present in the image on the host.
Patches
This issue is fixed in 1.1.3 and 1.2.3.
Workarounds
There are no workarounds/mitigations. Please upgrade the Longhorn cluster to 1.1.3 or 1.2.3 to resolve the issue.
References
N/A
For more information
If you have any questions or comments about this advisory:
Impact
The Longhorn instance manager pods are responsible for volume replica management and access. The vulnerability is that it is possible to connect to a longhorn-engine replica instance running in the instance-manager replica pod. The longhorn-engine replica can handle multiple TCP connections, and each connection is able to read and write data on the replica. This may allow a malicious pod in the cluster to read and write data on a replica that it doesn't have access to.
Patches
This issue is fixed in 1.1.3 and 1.2.3.
Workarounds
There are no workarounds/mitigations. Please upgrade the Longhorn cluster to 1.1.3 or 1.2.3 to resolve the issue.
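A check for the upgrade that both advisories call for, as an added example (not Longhorn project code): it classifies Longhorn image tags against the fixed releases 1.1.3 and 1.2.3. The image references are constructed samples; treating release lines newer than 1.2 as fixed is an assumption, and lines older than 1.1 are reported as not listed because the advisories name no fixed release for them.

```python
import re

# Fixed releases named in the advisories, keyed by release line (major, minor).
FIXED = {(1, 1): (1, 1, 3), (1, 2): (1, 2, 3)}

# Accepts tags such as "v1.2.2", "1.1.3" or "v1.2.3-rc1".
_TAG = re.compile(r"v?(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.]+)?$")


def parse_version(image_or_tag):
    """Return ((major, minor, patch), is_prerelease), or None if unparseable."""
    tag = image_or_tag.rsplit(":", 1)[-1]
    m = _TAG.match(tag)
    if not m:
        return None  # digest reference, missing tag, or non-semver tag
    return tuple(int(x) for x in m.group(1, 2, 3)), m.group(4) is not None


def classify(image_or_tag):
    """Return 'fixed', 'below-fix', 'not-listed' or 'unparsed'."""
    parsed = parse_version(image_or_tag)
    if parsed is None:
        return "unparsed"
    version, prerelease = parsed
    fixed = FIXED.get(version[:2])
    if fixed is None:
        # Assumption: release lines after 1.2 carry the fix. Older lines
        # have no fixed release named in the advisories.
        return "fixed" if version[:2] > max(FIXED) else "not-listed"
    # A pre-release of the fixed version (e.g. 1.2.3-rc1) sorts before it.
    if version > fixed or (version == fixed and not prerelease):
        return "fixed"
    return "below-fix"


def audit(images):
    """Map each image reference to its status."""
    return {img: classify(img) for img in images}


if __name__ == "__main__":
    # Constructed sample input, not taken from a real cluster.
    sample = [
        "longhornio/longhorn-manager:v1.1.2",
        "longhornio/longhorn-manager:v1.2.3",
        "longhornio/longhorn-manager:v1.2.3-rc1",
        "longhornio/longhorn-manager:v1.0.2",
    ]
    for img, status in audit(sample).items():
        print(f"{status:10} {img}")
```

Anything reported as `below-fix`, `not-listed` or `unparsed` needs a manual look before the cluster is treated as patched.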
For more information
If you have any questions or comments about this advisory:
Credits
Thanks to Dagan Henderson and Will Kline for reporting this vulnerability.