CVE-2024-10220 (HIGH, CVSS 8.1)
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Affected projects
kubernetes
Disclosed
Last updated

Affected versions

Project   Vulnerable range
kubelet   v1.30.0 to v1.30.2
kubelet   v1.29.0 to v1.29.6
kubelet   <= v1.28.11

Patched versions

Project   Fixed in
kubelet   v1.31.0
kubelet   v1.30.3
kubelet   v1.29.7
kubelet   v1.28.12

Summary

A security vulnerability was discovered in Kubernetes where a user with the ability to create a pod and associate a gitRepo volume can execute arbitrary commands beyond the container boundary. The vulnerability leverages the hooks folder in the target repository to run arbitrary commands outside of the container's isolation. This issue was originally mitigated in July 2024 (PR #124531) and subsequently assigned a CVE for awareness and tracking.

Impact

Any Kubernetes cluster where pods use the in-tree gitRepo volume to clone a repository into a subdirectory is vulnerable if running an affected kubelet version. An authenticated user with permission to create pods can exploit the repository hooks mechanism to run arbitrary commands on the node outside of the container's boundary, resulting in high impact to confidentiality and integrity. The vulnerability does not affect availability.

Detection

Use the following command to list all pods that use the in-tree gitRepo volume and clone to a .git subdirectory — the specific pattern that enables exploitation:

kubectl get pods --all-namespaces -o json | jq '.items[] | select(any(.spec.volumes[]?; (.gitRepo.directory // "") | . == ".git" or endswith("/.git"))) | {name: .metadata.name, namespace: .metadata.namespace}'

The `?` after `volumes[]` and the `// ""` default stop jq from aborting on pods that have no volumes or whose volumes are not gitRepo volumes (the unguarded form errors with "Cannot iterate over null" and "null cannot be matched"), `any` reports each matching pod once rather than once per volume, and the exact-match clause also catches a directory value of just `.git`.

Review Kubernetes audit logs for pod creation events that reference gitRepo volume mounts with a .git subdirectory in the directory field. If evidence of exploitation is found, contact security@kubernetes.io.

Mitigation

Upgrade kubelet to one of the fixed versions:

  • v1.31.0 or later (master branch)
  • v1.30.3 or later (1.30 branch)
  • v1.29.7 or later (1.29 branch)
  • v1.28.12 or later (1.28 branch)

Because the gitRepo volume type has been deprecated, the recommended long-term solution is to perform the Git clone operation using an init container and then mount the resulting directory into the pod's container. This approach removes reliance on the in-tree volume plugin entirely.
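The init-container pattern described above, as an added example that is not part of this advisory or of the Kubernetes project: the clone runs inside a locked-down container as an unprivileged user instead of being executed by the kubelet on the node, and the result is shared through an emptyDir. The pod and container names, image tags, mount paths and repository URL are placeholders.

```yaml
# Added example: replacement for an in-tree gitRepo volume.
# All names, image tags and the repository URL below are placeholders.
apiVersion: v1
kind: Pod
metadata:
  name: gitrepo-replacement
spec:
  volumes:
    - name: src
      emptyDir: {}              # replaces gitRepo: {repository: ..., directory: ...}
  initContainers:
    - name: repo-clone
      image: alpine/git:2.45.2  # assumed tag; pin to a digest in production
      env:
        - name: HOME            # git wants a writable HOME when run as a non-root UID
          value: /tmp
      args:                     # the image's entrypoint is `git`
        - clone
        - --depth=1
        - https://github.com/example-org/example-repo.git   # placeholder repository
        - /work/repo
      volumeMounts:
        - name: src
          mountPath: /work
      securityContext:          # the clone no longer runs as the kubelet on the host
        runAsNonRoot: true
        runAsUser: 65532
        allowPrivilegeEscalation: false
        capabilities:
          drop: ["ALL"]
  containers:
    - name: app
      image: nginx:1.27         # placeholder workload image
      volumeMounts:
        - name: src
          mountPath: /usr/share/nginx/html
          subPath: repo         # expose only the cloned tree, read-only
          readOnly: true
```

Because the checkout happens in a container, any hooks shipped inside the repository never execute with the kubelet's privileges; an admission policy that rejects pods declaring `gitRepo` volumes complements this migration.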

References