{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-13208", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2026-06-24T14:53:27.480Z", "datePublished": "2026-06-24T20:39:00.675Z", "dateUpdated": "2026-06-24T20:39:00.675Z"}, "containers": {"cna": {"title": "Kubevirt: virt-handler-rhel9: kubevirt: virt-handler notify server trusts vmi identity from unauthenticated grpc request body", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found in KubeVirt's virt-handler domain notify server. The gRPC handlers for HandleDomainEvent and HandleK8SEvent derive the VMI identity (namespace/name) solely from the request body without validating it against the connection's origin. Each virt-launcher pod connects through a per-VMI pipe socket, but no identity tag is propagated from the pipe path to the server handlers. This allows a compromised virt-launcher process to send forged domain lifecycle events for any other VMI scheduled on the same node, causing virt-handler to erroneously update that VMI's state and disrupt its lifecycle management."}], "affected": [{"vendor": "Red Hat", "product": "Red Hat OpenShift Virtualization 4", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "container-native-virtualization/virt-handler", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:container_native_virtualization:4"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Virtualization 4", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "container-native-virtualization/virt-handler-rhel9", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:container_native_virtualization:4"]}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2026-13208", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2492220", "name": "RHBZ#2492220", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "datePublic": "2026-06-24T00:00:00.000Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-287", "description": "Improper Authentication", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-287: Improper Authentication", "workarounds": [{"lang": "en", "value": "Organizations can reduce exposure by: (1) restricting pods/exec permission on virt-launcher pods via admission policies (e.g., Gatekeeper or Kyverno rules denying exec on pods with the kubevirt.io launcher label), (2) using node affinity or dedicated node pools to isolate high-security tenant workloads from untrusted tenants, and (3) monitoring for unexpected VMI state transitions via cluster alerting."}], "timeline": [{"lang": "en", "time": "2026-06-24T00:00:00.000Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2026-06-24T00:00:00.000Z", "value": "Made public."}], "credits": [{"lang": "en", "value": "This issue was discovered by Huzaifa Sidhpurwala (Red Hat)."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-06-24T20:39:00.675Z"}, "x_generator": {"engine": "cvelib 1.8.0"}}}}

{}

{}

{"acknowledgement": "This issue was discovered by Huzaifa Sidhpurwala (Red Hat).", "bugzilla": {"description": "kubevirt: virt-handler-rhel9: kubevirt: virt-handler notify server trusts VMI identity from unauthenticated gRPC request body", "id": "2492220", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2492220"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-287", "details": ["A flaw was found in KubeVirt's virt-handler domain notify server. The gRPC handlers for HandleDomainEvent and HandleK8SEvent derive the VMI identity (namespace/name) solely from the request body without validating it against the connection's origin. Each virt-launcher pod connects through a per-VMI pipe socket, but no identity tag is propagated from the pipe path to the server handlers. This allows a compromised virt-launcher process to send forged domain lifecycle events for any other VMI scheduled on the same node, causing virt-handler to erroneously update that VMI's state and disrupt its lifecycle management."], "mitigation": {"lang": "en:us", "value": "Organizations can reduce exposure by: (1) restricting pods/exec permission on virt-launcher pods via admission policies (e.g., Gatekeeper or Kyverno rules denying exec on pods with the kubevirt.io launcher label), (2) using node affinity or dedicated node pools to isolate high-security tenant workloads from untrusted tenants, and (3) monitoring for unexpected VMI state transitions via cluster alerting."}, "name": "CVE-2026-13208", "package_state": [{"cpe": "cpe:/a:redhat:container_native_virtualization:4", "fix_state": "Fix deferred", "package_name": "container-native-virtualization/virt-handler", "product_name": "Red Hat OpenShift Virtualization 4"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:4", "fix_state": "Fix deferred", "package_name": "container-native-virtualization/virt-handler-rhel9", "product_name": "Red Hat OpenShift Virtualization 4"}], "public_date": "2026-06-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-13208\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-13208"], "statement": "Red Hat has assessed this issue as Moderate impact for OpenShift Virtualization. In a default deployment, a user with namespace edit permissions can exec into their own virt-launcher pod and exploit the unvalidated VMI identity in the notify server to disrupt co-located VMs belonging to other tenants. The attack is limited to denial of service (forced shutdown/restart of targeted VMs) and does not provide data access or code execution. Exploitation requires: (1) shell access inside a virt-launcher pod on the target node, (2) knowledge of the victim VMI's namespace and name, and (3) the victim VM to be scheduled on the same node. SELinux MCS labels do not mitigate this because the notify pipe socket is a legitimate communication channel accessible to the launcher process. Network policies are irrelevant as this uses local Unix sockets.", "threat_severity": "Moderate"}

{"created": "2026-06-24T23:30:03.710338+00:00", "updated": "2026-06-25T00:30:03.686446+00:00", "vendors": []}