Skip to main content
CVE Vulnerability Database
Vulnerability Database/CVE-2025-64436

CVE-2025-64436: Kubevirt Privilege Escalation Vulnerability

CVE-2025-64436 is a privilege escalation vulnerability in Kubevirt that allows attackers to abuse virt-handler permissions to force VMI migrations to compromised nodes. This article covers technical details, affected versions, and mitigation.

Published:

CVE-2025-64436 Overview

CVE-2025-64436 affects KubeVirt, a virtual machine management add-on for Kubernetes. The vulnerability exists in versions 1.5.0 and earlier. Excessive permissions granted to the virt-handler service account allow an attacker who compromises a node to abuse Virtual Machine Instance (VMI) update and node patch rights. An attacker can force VMI migration to an attacker-controlled node or mark all nodes as unschedulable. This condition can force the migration or creation of privileged pods onto a compromised node, expanding attacker control within the cluster. The weakness is categorized as improper privilege management [CWE-269].

Critical Impact

Abuse of virt-handler permissions enables cluster-wide manipulation of VMI scheduling and forced placement of privileged workloads onto compromised nodes.

Affected Products

  • KubeVirt 1.5.0 and earlier
  • KubeVirt deployments on Kubernetes clusters
  • Virtualized workloads managed through the virt-handler DaemonSet

Discovery Timeline

  • 2025-11-07 - CVE-2025-64436 published to NVD
  • 2026-06-17 - Last updated in NVD database

Technical Details for CVE-2025-64436

Vulnerability Analysis

KubeVirt runs a per-node agent called virt-handler that manages VMI lifecycle operations on each Kubernetes node. The service account bound to virt-handler receives permissions to update VMI objects and patch node resources. These rights are broader than required for node-local operations. An attacker who gains code execution on any single node inherits the virt-handler service account token on that node. The attacker can then invoke the Kubernetes API using those credentials against the entire cluster. This design flaw enables cross-node influence from a single compromised host.

Root Cause

The root cause is over-privileged Role-Based Access Control (RBAC) bindings assigned to the virt-handler service account. Update and patch verbs on VMI and Node resources are granted cluster-wide rather than scoped to the local node. The permission model does not enforce the boundary that a node-local agent should only mutate objects tied to its own node.

Attack Vector

An attacker first compromises a node running the virt-handler pod or obtains its service account token. Using the token, the attacker patches Node objects to set unschedulable: true across the cluster. The attacker then updates target VMI specifications to force live migration onto a node they control. When privileged pods or VMIs land on the attacker-controlled node, the attacker gains access to sensitive workloads, secrets, and VM memory. The vulnerability requires prior access to a node context but does not require user interaction to escalate impact cluster-wide.

No public proof-of-concept exploit is available. See the KubeVirt GitHub Security Advisory GHSA-7xgm-5prm-v5gc for maintainer-provided technical details.

Detection Methods for CVE-2025-64436

Indicators of Compromise

  • Kubernetes audit log entries showing the virt-handler service account patching Node objects it does not run on.
  • VMI spec.nodeSelector or migration target changes originating from the virt-handler service account outside of expected reconciliation flows.
  • Multiple nodes transitioning to SchedulingDisabled state within a short time window.
  • Unexpected live-migration events for VMIs hosting privileged or sensitive workloads.

Detection Strategies

  • Enable Kubernetes API server audit logging at the Metadata level or higher for nodes and virtualmachineinstances resources.
  • Alert on any patch or update verb executed by system:serviceaccount:kubevirt:kubevirt-handler targeting a node other than the one hosting the calling pod.
  • Correlate VMI migration events with the identity that initiated the change and flag operations not originating from virt-controller.

Monitoring Recommendations

  • Baseline normal virt-handler API activity per node and alert on deviations.
  • Monitor for bulk unschedulable transitions across the node inventory.
  • Track service account token usage from unexpected source IPs or pods within the cluster network.

How to Mitigate CVE-2025-64436

Immediate Actions Required

  • Upgrade KubeVirt to a fixed release above 1.5.0 as published in the KubeVirt GitHub Security Advisory.
  • Audit existing RBAC bindings for the virt-handler service account and remove any custom over-permissive roles.
  • Review recent Kubernetes audit logs for unauthorized node patch or VMI update operations.
  • Rotate the virt-handler service account token if compromise is suspected.

Patch Information

The KubeVirt maintainers addressed the issue by tightening the RBAC permissions granted to virt-handler so that update and patch operations are scoped to the node hosting the agent. Consult the official advisory GHSA-7xgm-5prm-v5gc for the exact fixed version and upgrade instructions.

Workarounds

  • Restrict node access using Pod Security Admission and hardened container runtimes to reduce the chance of node compromise.
  • Apply Kubernetes admission policies (Kyverno or OPA Gatekeeper) that reject Node patches from the virt-handler service account targeting nodes other than the local one.
  • Isolate KubeVirt workloads from general-purpose workloads using dedicated node pools to limit blast radius.
bash
# Example Kyverno policy restricting virt-handler node patching
# Apply only after validating against your cluster configuration
kubectl apply -f - <<EOF
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: restrict-virt-handler-node-patch
spec:
  validationFailureAction: Enforce
  rules:
  - name: block-cross-node-patch
    match:
      any:
      - resources:
          kinds:
          - Node
          operations:
          - UPDATE
          - PATCH
    exclude:
      any:
      - subjects:
        - kind: ServiceAccount
          name: kubevirt-controller
          namespace: kubevirt
    validate:
      message: "virt-handler may only patch its own node"
      deny:
        conditions:
          any:
          - key: "{{ request.userInfo.username }}"
            operator: Equals
            value: "system:serviceaccount:kubevirt:kubevirt-handler"
EOF

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.