
Dangerous Kubernetes Bugs Allow Authentication Bypass, DoS - LinuxBender
https://threatpost.com/kubernetes-bugs-authentication-bypass-dos/149265/
======
rtempaccount1
So on the YAML DoS one (CVE-2019-11253) it breaks down like this.

If you're using an unpatched version, anyone who can POST YAML to the
Kubernetes API server can chew a fairly large amount of CPU/RAM. How badly
this effects you, depends on a couple of factors.

1\. Is your cluster exposed to the Internet? There's ~240,000 API servers on
the Internet, so this isn't that uncommon.

2\. Do you have `--anonymous-auth=true` on the API server? Again not that
uncommon a config. If you're using a managed distribution, ask your
provider...

3\. Do unauthenticated users have access to an endpoint that allows for YAML
to be posted? This is more likely in clusters at <= v1.13, but is possible
theoretically at any version.

The underlying issue is in the Go YAML library, and has now been patched (if
you're using it to process untrusted YAML, do upgrade to the latest version :)
)

Interestingly the underlying issue is in the YAML spec, which doesn't mandate
a limit on entity expansion...

