Home

Description

This CVE affects only Windows worker nodes. Your worker node is vulnerable to this issue if it is running one of the affected versions listed below.

PUBLISHED Reserved 2024-09-20 | Published 2025-03-13 | Updated 2025-03-13 | Assigner kubernetes




MEDIUM: 5.9CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

Problem types

CWE-20 Improper Input Validation

Product status

Default status
unaffected

<=v1.29.12
affected

v1.30 (semver)
affected

v1.31 (semver)
affected

v1.32 (semver)
affected

Credits

Peled, Tomer finder

Aravindh Puthiyaprambil finder

References

www.openwall.com/lists/oss-security/2025/01/16/1

github.com/kubernetes/kubernetes/issues/129654

groups.google.com/...ernetes-security-announce/c/9C3vn6aCSVg

cve.org (CVE-2024-9042)

nvd.nist.gov (CVE-2024-9042)