Security Advisories

CVE-2025-64435

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-64435

Severity

5.3 Medium (CVSS V3)

Summary

KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation

Description

KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.7.0-beta.0, a logic flaw in virt-controller allows an attacker to disrupt control of a running VMI (VirtualMachineInstance) by creating a pod with the same labels as the legitimate virt-launcher pod associated with that VMI. This can mislead virt-controller into associating the fake pod with the VMI, resulting in incorrect status updates and potentially causing a denial of service (DoS). The vulnerability is fixed in 1.7.0-beta.0.

References

  • https://images.chainguard.dev/security/CGA-jgj4-fr63-2p5j

Affected packages


© 2025 Chainguard. All Rights Reserved.