Denial of Service Vulnerability in Kubernetes Kubelet Component
CVE-2025-0426
6.2MEDIUM
What is CVE-2025-0426?
A security flaw was identified in the Kubelet component of Kubernetes, allowing unauthenticated users to send numerous container checkpoint requests to a read-only HTTP endpoint. This can lead to a Denial of Service condition by exhausting the Node's disk space, potentially disrupting normal operations and affecting service availability.
Affected Version(s)
kubelet 1.32.0 <= 1.32.1
kubelet 1.31.0 <= 1.31.5
kubelet 1.30.0 <= 1.30.9