CVE-2021-25737 Overview
A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. kube-apiserver already rejects Endpoints addresses in the loopback (127.0.0.0/8) and link-local (169.254.0.0/16) ranges, but the same validation was not applied to EndpointSlice addresses. A user allowed to create or update EndpointSlices could therefore point a Service at a node's loopback or link-local addresses and bypass a network isolation control that the older Endpoints API enforces.
Critical Impact
An attacker who already holds create or update rights on EndpointSlice resources (API group discovery.k8s.io) can make a Service's traffic land on a node's loopback or link-local addresses, reaching services that listen only on the node's localhost or on link-local networks and that pods are not meant to reach. The precondition is write access to EndpointSlices, which the endpointslice controller holds and ordinary workloads normally do not; the issue is a bypass of an existing guardrail, not an unauthenticated entry point.
Affected Products
- kube-apiserver v1.21.0
- kube-apiserver v1.20.0 through v1.20.6
- kube-apiserver v1.19.0 through v1.19.10
- kube-apiserver v1.18.0 through v1.18.18
- Older, unsupported releases from v1.16.0 onward that carry the EndpointSlice API
- Kubernetes distributions that bundle one of the affected kube-apiserver versions
Discovery Timeline
- May 2021 - Kubernetes discloses the issue in GitHub issue #102106 and ships fixed releases
- September 6, 2021 - CVE-2021-25737 published to NVD
- November 21, 2024 - Last updated in NVD database
Technical Details for CVE-2021-25737
Vulnerability Analysis
This vulnerability is an input validation error in Kubernetes' handling of EndpointSlice resources. kube-apiserver validates Endpoints addresses and rejects loopback (127.0.0.0/8), link-local unicast (169.254.0.0/16) and link-local multicast (224.0.0.0/24) addresses, together with their IPv6 equivalents, because an endpoint in those ranges resolves to the node itself rather than to a pod. The EndpointSlice API did not apply that check.
The EndpointSlice API was introduced to improve the scalability of Endpoints in large clusters by splitting endpoint information into smaller objects, and kube-proxy programs Service routing from EndpointSlices in the same way it did from Endpoints. Because the address validation that existed for Endpoints was not carried over, the two APIs enforced different rules for the same data.
A user with permission to create or modify EndpointSlice resources could therefore specify addresses that the Endpoints API would reject, and have Service traffic redirected to them.
Root Cause
The root cause is missing validation parity between the Endpoints and EndpointSlice APIs (CWE-184: Incomplete List of Disallowed Inputs). When the EndpointSlice API was implemented, the address check that rejects loopback and link-local addresses was not carried over from the Endpoints validation code path. This left an inconsistent security boundary: the same configuration that would be blocked via Endpoints could be created through EndpointSlices.
Attack Vector
The attack requires API access to kube-apiserver with RBAC permission to create or update endpointslices in the discovery.k8s.io group, which the endpointslice controller needs but which is otherwise rarely granted. An attacker with that permission can craft an EndpointSlice whose endpoints carry loopback or link-local addresses; kube-proxy programs the Service's forwarding rules from that slice, so traffic to the Service is rewritten to those destinations.
The attack scenario involves creating an EndpointSlice with an endpoint pointing to 127.0.0.1 or a link-local address such as 169.254.x.x (the range cloud providers use for instance metadata endpoints). When other pods connect to the associated Service, their traffic is directed to the restricted address on the node, potentially exposing node-local services or enabling further network-based attacks.
Detection Methods for CVE-2021-25737
Indicators of Compromise
- EndpointSlice resources containing addresses in the 127.0.0.0/8 loopback range (or ::1)
- EndpointSlice resources containing addresses in the 169.254.0.0/16 link-local range (or fe80::/10), or in the 224.0.0.0/24 link-local multicast range
- EndpointSlice create, update or patch operations by principals other than the kube-controller-manager's endpointslice and endpointslicemirroring controllers
- Anomalous network traffic patterns from pods to node-local addresses
Detection Strategies
- Implement admission controllers or OPA/Gatekeeper policies to validate EndpointSlice IP addresses
- Monitor Kubernetes audit logs for EndpointSlice create, update and patch operations whose request or response bodies contain loopback or link-local addresses (the audit policy must record bodies for discovery.k8s.io resources for this to work)
- Deploy network monitoring to detect pod traffic destined for localhost or link-local ranges
- Use SentinelOne Singularity to monitor for unexpected network connections from containerized workloads
Monitoring Recommendations
- Enable Kubernetes audit logging at the RequestResponse level for EndpointSlice resources so that the addresses written are captured, not only the object name
- Configure alerts for any EndpointSlice containing loopback, link-local or link-local multicast addresses; RFC 1918 addresses are normal pod and node IPs and should not be alerted on
- Implement continuous compliance scanning of EndpointSlice resources against security policies
How to Mitigate CVE-2021-25737
Immediate Actions Required
- Upgrade kube-apiserver to a release that includes EndpointSlice address validation (v1.21.1, v1.20.7, v1.19.11, v1.18.19 or later)
- Audit existing EndpointSlice resources (for example from the output of kubectl get endpointslices -A -o json) for loopback or link-local addresses
- Implement RBAC restrictions to limit which users and service accounts can create or modify EndpointSlice resources
- Deploy admission controllers to enforce IP address validation for EndpointSlice resources
Patch Information
Kubernetes fixed this vulnerability in v1.21.1, v1.20.7, v1.19.11 and v1.18.19 by applying the Endpoints address validation to EndpointSlices as well. Review GitHub issue #102106 for the full list of affected and fixed versions and patch details. The Kubernetes Security Announcement provides additional guidance on affected versions and remediation steps. Organizations using NetApp products should also review the NetApp Security Advisory NTAP-20211004-0004.
Workarounds
- Restrict RBAC permissions for EndpointSlice resources to only trusted system components
- Deploy ValidatingWebhookConfiguration to reject EndpointSlices with localhost or link-local addresses
- Implement network policies to prevent pod-to-node localhost connections where possible
- Use OPA Gatekeeper constraints to enforce EndpointSlice IP validation until patches can be applied
# Configuration example - OPA Gatekeeper constraint to block suspicious EndpointSlice IPs
# Save as endpointslice-ip-constraint.yaml
# Assumes a ConstraintTemplate defining the kind K8sBlockEndpointSliceLocalIPs (with Rego
# that rejects loopback and link-local addresses) has already been applied to the cluster;
# the template itself is not shown here.
apiVersion: constraints.gatekeeper.sh/v1beta1
kind: K8sBlockEndpointSliceLocalIPs
metadata:
  name: block-local-endpointslice-ips
spec:
  match:
    kinds:
      - apiGroups: ["discovery.k8s.io"]
        kinds: ["EndpointSlice"]
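The following Python script is an added example, not code from the original page or from the Kubernetes project. It reimplements the address check that the Endpoints API applies (loopback, link-local unicast, link-local multicast and unspecified addresses, IPv4 and IPv6) and runs it three ways that match the detection strategies and the ValidatingWebhook workaround above: over an EndpointSlice object, over kube-apiserver audit log lines, and as the decision logic behind a webhook's AdmissionReview response. The EndpointSlice objects and audit events in it are constructed for the example, the function names are the example's own, and the audit scan assumes the audit policy records request and response bodies for discovery.k8s.io resources.

```python
"""Added example (not from the page or Kubernetes): flag EndpointSlice addresses
that the Endpoints API has always rejected, and reuse that check for audit-log
scanning and admission control."""
import ipaddress
import json
from typing import Dict, Iterable, List, Optional

# Link-local multicast blocks; loopback, link-local unicast and unspecified
# addresses are covered by the ipaddress module's own predicates.
LINK_LOCAL_MULTICAST = (
    ipaddress.ip_network("224.0.0.0/24"),
    ipaddress.ip_network("ff02::/16"),
)


def special_ip_reason(addr: str) -> Optional[str]:
    """Return why Endpoints validation would reject addr, or None if it is acceptable."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return "not an IP address"
    if ip.is_unspecified:
        return "unspecified address"
    if ip.is_loopback:
        return "loopback address"
    if ip.is_link_local:
        return "link-local unicast address"
    if any(ip in net for net in LINK_LOCAL_MULTICAST):  # False across IP versions
        return "link-local multicast address"
    return None


def audit_endpointslice(obj: Dict) -> List[Dict]:
    """Flag every address in one EndpointSlice object that Endpoints validation rejects."""
    meta = obj.get("metadata") or {}
    findings = []
    for endpoint in obj.get("endpoints") or []:
        for addr in endpoint.get("addresses") or []:
            reason = special_ip_reason(addr)
            if reason:
                findings.append({"namespace": meta.get("namespace"), "name": meta.get("name"),
                                 "address": addr, "reason": reason})
    return findings


def scan_audit_log(lines: Iterable[str]) -> List[Dict]:
    """Scan audit events (one JSON object per line) for EndpointSlice writes with special IPs.
    For patch verbs requestObject is the patch document, so responseObject (the stored
    result) is preferred when the audit policy captured it."""
    findings = []
    for line in lines:
        if not line.strip():
            continue
        event = json.loads(line)
        ref = event.get("objectRef") or {}
        if ref.get("resource") != "endpointslices" or event.get("verb") not in ("create", "update", "patch"):
            continue
        body = event.get("responseObject") or event.get("requestObject")
        if not body:
            continue  # policy level below RequestResponse: nothing to inspect
        for finding in audit_endpointslice(body):
            finding["user"] = (event.get("user") or {}).get("username")
            finding["verb"] = event["verb"]
            findings.append(finding)
    return findings


def validate_admission_review(review: Dict) -> Dict:
    """Build the AdmissionReview response a ValidatingWebhook would return for a slice."""
    request = review["request"]
    findings = audit_endpointslice(request.get("object") or {})
    response = {"uid": request["uid"], "allowed": not findings}
    if findings:
        response["status"] = {"code": 403, "message": "; ".join(
            f"{f['address']} is a {f['reason']}" for f in findings)}
    return {"apiVersion": review.get("apiVersion", "admission.k8s.io/v1"),
            "kind": "AdmissionReview", "response": response}


# Constructed samples: a normal slice backed by a pod IP, and a hostile one that
# points the Service at the node's loopback interface and a link-local address.
BENIGN_SLICE = {"apiVersion": "discovery.k8s.io/v1", "kind": "EndpointSlice",
                "metadata": {"namespace": "prod", "name": "web-abc12"}, "addressType": "IPv4",
                "endpoints": [{"addresses": ["10.244.1.5"]}]}
HOSTILE_SLICE = {"apiVersion": "discovery.k8s.io/v1", "kind": "EndpointSlice",
                 "metadata": {"namespace": "prod", "name": "web-evil1"}, "addressType": "IPv4",
                 "endpoints": [{"addresses": ["127.0.0.1"]},
                               {"addresses": ["169.254.169.254", "10.244.1.6"]}]}
SAMPLE_AUDIT_LOG = [  # constructed audit events, trimmed to the fields the scan reads
    json.dumps({"verb": "create", "user": {"username": "system:serviceaccount:kube-system:endpointslice-controller"},
                "objectRef": {"resource": "endpointslices", "namespace": "prod", "name": "web-abc12"},
                "requestObject": BENIGN_SLICE}),
    json.dumps({"verb": "update", "user": {"username": "dev-alice"},
                "objectRef": {"resource": "endpointslices", "namespace": "prod", "name": "web-evil1"},
                "requestObject": HOSTILE_SLICE}),
    json.dumps({"verb": "get", "user": {"username": "dev-bob"},
                "objectRef": {"resource": "endpointslices", "namespace": "prod", "name": "web-evil1"}}),
]

if __name__ == "__main__":
    for f in scan_audit_log(SAMPLE_AUDIT_LOG):
        print("audit finding:", f)
    review = {"apiVersion": "admission.k8s.io/v1", "request": {"uid": "u1", "object": HOSTILE_SLICE}}
    print("webhook verdict:", json.dumps(validate_admission_review(review)["response"]))
```

Run as a script it prints two audit findings for dev-alice's update and a denied webhook verdict for the hostile slice; on a live cluster, feed audit_endpointslice the items from kubectl get endpointslices -A -o json and scan_audit_log the audit log file. The ranges flagged are the ones the Endpoints check rejects, so ordinary RFC 1918 pod IPs pass without noise.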
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

