CVE-2025-64437 — Link Following in Kubevirt

CWE-59 — Link Following7 documents6 sources

Severity

5.0MEDIUMNVD

EPSS

0.0%

top 93.08%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Kubevirt Kubevirt.io Kubevirt

Timeline

PublishedNov 7

Latest updateNov 17

Description

KubeVirt is a virtual machine management add-on for Kubernetes. In versions before 1.5.3 and 1.6.1, the virt-handler does not verify whether the launcher-sock is a symlink or a regular file. This oversight can be exploited, for example, to change the ownership of arbitrary files on the host node to the unprivileged user with UID 107 (the same user used by virt-launcher) thus, compromising the CIA (Confidentiality, Integrity and Availability) of data on the host. To successfully exploit this vuln…

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:LExploitability: 0.8 | Impact: 3.7

Affected Packages3 packages

▶CVEListV5kubevirt/kubevirt< 1.5.3+1

▶NVDkubevirt/kubevirt< 1.5.3+1

▶Gokubevirt.io/kubevirt1.6.0-alpha.0 — 1.6.1+2

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes in kubevirt.io/kubevirt↗2025-11-17

▶

CVEList

KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes↗2025-11-07

▶

GHSA

KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes↗2025-11-06

▶

OSV

KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes↗2025-11-06

▶

📋Vendor Advisories

Microsoft

KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes↗2025-11-11

▶

Red Hat

kubevirt.io/kubevirt: KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes↗2025-11-07

▶