CVE-2026-42965: OpenShift Router Info Disclosure Flaw

CVE-2026-42965 is an information disclosure vulnerability in OpenShift Router that allows attackers to access cloud metadata endpoints and expose instance credentials. This article covers technical details, impact, and mitigation.

CVE-2026-42965 Overview

A Server-Side Request Forgery (SSRF) vulnerability exists in the OpenShift Router. A user with write access to EndpointSlice resources can create a Service backed by a Fully Qualified Domain Name (FQDN) EndpointSlice that resolves to a cloud metadata endpoint. The router then proxies requests to that endpoint, exposing instance credentials and other sensitive metadata. The flaw bypasses prior controls that validated raw IP addresses, since the FQDN resolution happens after validation. This issue is tracked as [CWE-918] Server-Side Request Forgery.

Critical Impact

Authenticated tenants with EndpointSlice write permissions can pivot through the OpenShift Router to retrieve cloud instance credentials from provider metadata services such as 169.254.169.254.

Affected Products

  • Red Hat OpenShift Container Platform — OpenShift Router component
  • Cloud-deployed OpenShift clusters relying on instance metadata services (AWS, Azure, GCP)
  • See the Red Hat CVE-2026-42965 Advisory for the full affected version matrix

Discovery Timeline

  • 2026-05-29 - CVE-2026-42965 published to NVD
  • 2026-05-29 - Last updated in NVD database

Technical Details for CVE-2026-42965

Vulnerability Analysis

The OpenShift Router forwards HTTP traffic to backend endpoints defined by Kubernetes Service and EndpointSlice objects. An EndpointSlice can reference backends by hostname rather than by IP address. When the router resolves an FQDN backend at request time, the resulting IP address is not re-validated against the deny list that blocks link-local and metadata ranges. An attacker controlling DNS resolution, or simply selecting a hostname that resolves to a metadata IP, redirects the router to internal cloud APIs. The router returns the response body containing temporary instance credentials, IAM role tokens, user-data, and other sensitive provider metadata.

Root Cause

The root cause is incomplete input validation in the router's backend resolution path. Earlier patches blocked direct IP entries pointing to ranges such as 169.254.0.0/16, but the FQDN code path performs DNS lookups outside that validation boundary. This creates a classic Time-of-Check to Time-of-Use (TOCTOU) gap between Service admission and actual proxying.

Attack Vector

Exploitation requires network access to the cluster API and low-privilege Kubernetes credentials with endpointslices write permission in any namespace. The attacker creates an EndpointSlice whose addresses field contains an FQDN resolving to 169.254.169.254 (AWS/Azure/GCP IMDS) or an equivalent cloud-internal address. The attacker then creates a matching Service and Route, and issues HTTP requests through the router. The router resolves the hostname, connects to the metadata endpoint from its in-cluster network position, and returns the metadata response to the attacker. No user interaction is required, and the scope changes from the tenant boundary to the underlying cloud instance identity.

No public proof-of-concept code is available. The vulnerability mechanics are documented in the Red Hat Bugzilla Report #2483184.

Detection Methods for CVE-2026-42965

Indicators of Compromise

  • Outbound connections from OpenShift Router pods to 169.254.169.254, fd00:ec2::254, or other cloud metadata addresses
  • EndpointSlice objects with addressType: FQDN referencing hostnames that resolve to link-local or metadata ranges
  • Unexpected Route and Service creations in tenant namespaces followed by HTTP requests returning IAM credential JSON structures
  • Cloud audit log entries showing API calls authenticated with the router node's instance role from unexpected sources

Detection Strategies

  • Audit Kubernetes API server logs for create and update actions on endpointslices.discovery.k8s.io resources where addressType is FQDN
  • Inspect router pod egress traffic for any connection to RFC 3927 link-local addresses (169.254.0.0/16)
  • Correlate Route creation events with subsequent HTTP responses containing patterns matching cloud credential payloads such as AccessKeyId, SecretAccessKey, or access_token

Monitoring Recommendations

  • Enable cloud-provider IMDSv2 enforcement and log all IMDS access attempts from cluster nodes
  • Forward Kubernetes audit logs and router access logs to a centralized analytics platform for cross-source correlation
  • Alert on any EndpointSlice referencing FQDNs outside an approved allowlist of internal service domains

How to Mitigate CVE-2026-42965

Immediate Actions Required

  • Apply the OpenShift Router patch referenced in the Red Hat CVE-2026-42965 Advisory as soon as it is available for your channel
  • Restrict endpointslices write permissions in RBAC to cluster administrators and trusted controllers only
  • Enforce IMDSv2 on all cloud instances hosting OpenShift nodes to require session-token-based metadata access
  • Rotate any IAM credentials associated with router node instance profiles if exploitation is suspected
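The second action above, and the corresponding workaround of auditing and revoking unnecessary endpointslices write permissions, starts with an inventory of which roles grant those verbs. The script below is an added example (not Red Hat's or OpenShift's tooling): it reads the JSON that `kubectl get roles,clusterroles -A -o json` prints, which is assumed to be a kubectl `List` of standard `rbac.authorization.k8s.io/v1` objects, and reports every rule that grants a write verb on `endpointslices` in `discovery.k8s.io`, including wildcard rules. The embedded RBAC sample is constructed.

```python
"""List Role/ClusterRole rules that grant write verbs on EndpointSlices.

Added example, not Red Hat or OpenShift code. Input is the JSON printed by
`kubectl get roles,clusterroles -A -o json` (assumed shape: a kubectl List of
rbac.authorization.k8s.io/v1 objects). The sample below is constructed.
"""
import json

WRITE_VERBS = {"create", "update", "patch", "delete", "deletecollection", "*"}


def rule_grants_endpointslice_write(rule):
    """True if one PolicyRule covers endpointslices (or '*') with a write verb.

    The legacy core-group resource "endpoints" is a different object and is
    deliberately not matched; subresources such as endpointslices/status are.
    """
    groups = set(rule.get("apiGroups", []))
    resources = {r.split("/")[0] for r in rule.get("resources", [])}
    verbs = set(rule.get("verbs", []))
    return bool(groups & {"discovery.k8s.io", "*"}
                and resources & {"endpointslices", "*"}
                and verbs & WRITE_VERBS)


def find_endpointslice_writers(kubectl_json):
    """Return one finding per (role, rule) pair that grants EndpointSlice writes."""
    data = json.loads(kubectl_json) if isinstance(kubectl_json, str) else kubectl_json
    items = data.get("items", [data])  # accept a List or a single object
    findings = []
    for item in items:
        meta = item.get("metadata", {})
        for rule in item.get("rules", []):
            if rule_grants_endpointslice_write(rule):
                findings.append({
                    "kind": item.get("kind"),
                    "namespace": meta.get("namespace", ""),  # empty for ClusterRoles
                    "name": meta.get("name"),
                    "verbs": sorted(set(rule["verbs"]) & WRITE_VERBS),
                })
    return findings


# Constructed sample: one tenant Role that should not have write access, one
# controller-style ClusterRole that legitimately needs it, two non-findings.
SAMPLE_KUBECTL_JSON = json.dumps({"kind": "List", "apiVersion": "v1", "items": [
    {"kind": "Role", "metadata": {"namespace": "tenant-a", "name": "app-deployer"},
     "rules": [{"apiGroups": ["discovery.k8s.io"], "resources": ["endpointslices"],
                "verbs": ["get", "list", "create", "update"]}]},
    {"kind": "ClusterRole", "metadata": {"name": "endpointslice-controller-like"},
     "rules": [{"apiGroups": ["discovery.k8s.io"], "resources": ["endpointslices"],
                "verbs": ["*"]}]},
    {"kind": "Role", "metadata": {"namespace": "tenant-b", "name": "viewer"},
     "rules": [{"apiGroups": ["discovery.k8s.io"], "resources": ["endpointslices"],
                "verbs": ["get", "list", "watch"]}]},
    {"kind": "Role", "metadata": {"namespace": "tenant-c", "name": "legacy-endpoints"},
     "rules": [{"apiGroups": [""], "resources": ["endpoints"], "verbs": ["create"]}]},
]})

if __name__ == "__main__":
    for f in find_endpointslice_writers(SAMPLE_KUBECTL_JSON):
        scope = f["namespace"] or "<cluster>"
        print(f'{f["kind"]:<12}{scope:<12}{f["name"]:<32}{",".join(f["verbs"])}')
```

The output lists roles, not subjects; the follow-up is to check which RoleBindings and ClusterRoleBindings reference each flagged role and remove the bindings that tenant users do not need, leaving only cluster administrators and the trusted controllers the page mentions.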

Patch Information

Red Hat has published guidance and fixed package versions through the Red Hat CVE-2026-42965 Advisory. Customers should consult the advisory for the specific OpenShift Container Platform errata applicable to their release stream and apply updates via the cluster update channel.

Workarounds

  • Deploy an admission controller (OPA/Gatekeeper or Kyverno) that rejects EndpointSlice objects with addressType: FQDN or with addresses resolving to link-local and metadata ranges
  • Apply network policies or host-level firewall rules on router nodes that block egress to 169.254.169.254 and equivalent cloud metadata addresses
  • Audit and revoke unnecessary endpointslices write permissions across all namespaces until patches are applied
```yaml
# Example Kyverno policy fragment to deny FQDN EndpointSlices
# (validate before applying to production)
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: deny-fqdn-endpointslice
spec:
  validationFailureAction: Enforce
  rules:
    - name: block-fqdn-addresstype
      match:
        any:
          - resources:
              kinds:
                - EndpointSlice
      validate:
        message: "FQDN EndpointSlices are prohibited (CVE-2026-42965)."
        # addressType is a top-level EndpointSlice field; the leading "!" is
        # Kyverno's negation, so IPv4 and IPv6 slices still pass this rule.
        pattern:
          addressType: "!FQDN"
```
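The Kyverno policy rejects every FQDN slice. Where some internal hostnames must remain allowed, the first workaround's second option (reject addresses that resolve into link-local or metadata ranges) and the detection strategy of auditing EndpointSlice writes with `addressType: FQDN` need the same check. The script below is an added example, not part of the advisory or of the OpenShift Router: `validate_endpointslice()` is the core logic a validating admission webhook of your own would run, and `scan_audit_log()` applies it to API server audit events (`audit.k8s.io/v1` Event JSON lines). The resolver is injected so the constructed records run offline; the blocked ranges beyond 169.254.0.0/16 and fd00:ec2::254, the audit event shapes and the sample hostnames are assumptions.

```python
"""Flag EndpointSlices whose backends point at link-local or cloud metadata ranges.

Added example, not from the advisory or the OpenShift Router code base.
validate_endpointslice() is the check a validating admission webhook of your own
would run; scan_audit_log() applies it to API server audit events. The resolver
is injected so the constructed records below run offline (assumed log shapes).
"""
import ipaddress
import json
import socket

# 169.254.0.0/16 and fd00:ec2::254 are the addresses the advisory names; the
# other ranges are added as assumptions (no legitimate backend lives there).
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "169.254.0.0/16",     # IPv4 link-local, includes the IMDS address
    "fd00:ec2::254/128",  # AWS IMDS over IPv6
    "fe80::/10",          # IPv6 link-local
    "127.0.0.0/8",        # loopback
)]
WRITE_VERBS = {"create", "update", "patch"}

def is_blocked_ip(text):
    """True if text is an IP literal inside a blocked range (non-IP text is False)."""
    try:
        ip = ipaddress.ip_address(text)
    except ValueError:
        return False
    return any(ip in net for net in BLOCKED_NETWORKS)

def resolve_with_dns(hostname):
    """Production resolver: every A/AAAA answer, not only the first one."""
    try:
        return sorted({info[4][0] for info in socket.getaddrinfo(hostname, None)})
    except socket.gaierror:
        return []

def in_allowlist(hostname, allowlist):
    host = hostname.rstrip(".").lower()
    return any(host == d or host.endswith("." + d) for d in allowlist)

def validate_endpointslice(obj, resolver=resolve_with_dns, allowlist=()):
    """Return violation strings; an empty list means the slice is acceptable."""
    violations = []
    is_fqdn = obj.get("addressType") == "FQDN"
    for endpoint in obj.get("endpoints", []):
        for addr in endpoint.get("addresses", []):
            if not is_fqdn:  # IPv4/IPv6 slices: reject blocked literals outright
                if is_blocked_ip(addr):
                    violations.append(f"address {addr} is in a blocked range")
                continue
            # FQDN slices: check every current answer, then require an approved
            # internal domain (an empty allowlist rejects all FQDN slices).
            bad = [ip for ip in (resolver(addr) or []) if is_blocked_ip(ip)]
            if bad:
                violations.append(f"FQDN {addr} resolves to blocked {bad}")
            elif not in_allowlist(addr, allowlist):
                violations.append(f"FQDN {addr} is outside the allowlist")
    return violations

def scan_audit_log(lines, resolver=resolve_with_dns, allowlist=()):
    """Run the check over audit.k8s.io/v1 Event JSON lines; one alert per bad write."""
    alerts = []
    for line in lines:
        ev = json.loads(line)
        ref = ev.get("objectRef", {})
        if (ev.get("stage") != "ResponseComplete" or ev.get("verb") not in WRITE_VERBS
                or ref.get("apiGroup") != "discovery.k8s.io"
                or ref.get("resource") != "endpointslices"):
            continue
        # responseObject (audit level RequestResponse) is the stored object after the
        # write, so it also covers patches; requestObject is the fallback at level
        # Request for create/update. Lower audit levels carry no body to inspect.
        obj = ev.get("responseObject") or ev.get("requestObject")
        violations = validate_endpointslice(obj, resolver, allowlist) if obj else []
        if violations:
            alerts.append({"user": ev.get("user", {}).get("username"), "verb": ev["verb"],
                           "namespace": ref.get("namespace"), "name": ref.get("name"),
                           "violations": violations})
    return alerts

# Constructed sample data: a stub resolver table and three audit events.
SAMPLE_DNS = {"imds.tenant-a.example": ["169.254.169.254"], "db.internal.example": ["10.1.2.3"]}

def _event(verb, namespace, name, user, address_type, addresses):
    return json.dumps({
        "kind": "Event", "apiVersion": "audit.k8s.io/v1", "level": "RequestResponse",
        "stage": "ResponseComplete", "verb": verb, "user": {"username": user},
        "objectRef": {"apiGroup": "discovery.k8s.io", "apiVersion": "v1",
                      "resource": "endpointslices", "namespace": namespace, "name": name},
        "responseObject": {"apiVersion": "discovery.k8s.io/v1", "kind": "EndpointSlice",
                           "metadata": {"namespace": namespace, "name": name},
                           "addressType": address_type,
                           "endpoints": [{"addresses": addresses}]}})

SAMPLE_AUDIT_LINES = [
    _event("create", "tenant-a", "exfil-backend", "alice", "FQDN", ["imds.tenant-a.example"]),
    _event("update", "apps", "db-backend", "system:serviceaccount:apps:ctl", "FQDN",
           ["db.internal.example"]),
    _event("create", "tenant-b", "literal-imds", "bob", "IPv4", ["169.254.169.254"]),
]

if __name__ == "__main__":
    for alert in scan_audit_log(SAMPLE_AUDIT_LINES, SAMPLE_DNS.get, ("internal.example",)):
        print(alert)
```

Two design points follow from the advisory's root cause. Resolving the hostname at admission time reproduces the same time-of-check/time-of-use gap the page describes: a name can answer with a harmless address when the slice is created and with a metadata address later, so the resolution result is a detection signal and a defense-in-depth check, while the domain allowlist (or the blanket FQDN ban of the Kyverno policy) is the control that actually holds. The audit scan also needs the API server audit policy at level `RequestResponse` (or at least `Request`) for `endpointslices`; at `Metadata` level the event carries no object body and the check cannot run.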

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.