Back to search
CVE-2025-64436
Published: Nov 7, 2025
Modified: Nov 10, 2025
PUBLISHED
Description
KubeVirt is a virtual machine management add-on for Kubernetes. In 1.5.0 and earlier, the permissions granted to the virt-handler service account, such as the ability to update VMI and patch nodes, could be abused to force a VMI migration to an attacker-controlled node. This vulnerability could otherwise allow an attacker to mark all nodes as unschedulable, potentially forcing the migration or creation of privileged pods onto a compromised node.
| Vendor | Product | Versions |
|---|---|---|
kubevirt | kubevirt | affected <= 1.5.0 |
References
https://github.com/kubevirt/kubevirt/security/advisories/GHSA-7xgm-5prm-v5gc
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now