AI description
CVE-2025-5187 refers to a vulnerability in Kubernetes that could allow nodes to delete themselves by adding a specific OwnerReference. This flaw can be exploited to disrupt cluster operations and cause service outages, requiring administrators to review and update their environments. Additionally, CVE-2025-5187 is listed as a reserved Common Vulnerabilities and Exposures (CVE) identifier. This means that a CVE Numbering Authority (CNA) has reserved the ID, and the record will be updated with details as they become available.
- Description: A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently deleted, the given node object will be deleted via garbage collection.
- Source: jordan@liggitt.net
- NVD status: Awaiting Analysis
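A defender-side check for the behaviour described above, as an added example that is not part of the original page or of the Kubernetes project: it scans API server audit events for node identities writing `metadata.ownerReferences` on Node objects. The sample events are constructed, and it assumes audit logging at Request level or above so that `requestObject` is recorded.

```python
import json

# Constructed audit events (audit.k8s.io/v1 field names); not real cluster data.
SAMPLE_AUDIT_LOG = """\
{"verb":"patch","user":{"username":"system:node:worker-1"},"objectRef":{"resource":"nodes","name":"worker-1"},"requestObject":{"metadata":{"ownerReferences":[{"kind":"Namespace","name":"constructed-owner"}]}}}
{"verb":"patch","user":{"username":"system:node:worker-2"},"objectRef":{"resource":"nodes","name":"worker-2","subresource":"status"},"requestObject":{"status":{"conditions":[]}}}
{"verb":"patch","user":{"username":"cluster-admin"},"objectRef":{"resource":"nodes","name":"worker-3"},"requestObject":{"metadata":{"labels":{"zone":"a"}}}}
{"verb":"patch","user":{"username":"system:node:worker-4"},"objectRef":{"resource":"nodes","name":"worker-4"},"requestObject":[{"op":"add","path":"/metadata/ownerReferences","value":[]}]}
"""

def sets_owner_refs(body):
    """True if a recorded request body writes metadata.ownerReferences."""
    if isinstance(body, list):  # JSON Patch: a list of operations
        return any(
            isinstance(op, dict)
            and str(op.get("path", "")).startswith("/metadata/ownerReferences")
            and op.get("op") != "remove"
            for op in body
        )
    if isinstance(body, dict):  # merge / strategic-merge patch, or full object
        meta = body.get("metadata")
        return isinstance(meta, dict) and bool(meta.get("ownerReferences"))
    return False

def node_ownerref_writes(lines):
    """Return (user, node, verb) for node identities setting ownerReferences on a Node."""
    findings = []
    for line in lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip blank or truncated log lines
        ref = event.get("objectRef") or {}
        user = (event.get("user") or {}).get("username", "")
        if ref.get("resource") != "nodes" or ref.get("subresource"):
            continue  # only the Node object itself, not nodes/status
        if event.get("verb") not in ("create", "update", "patch"):
            continue
        if user.startswith("system:node:") and sets_owner_refs(event.get("requestObject")):
            findings.append((user, ref.get("name"), event["verb"]))
    return findings

if __name__ == "__main__":
    for finding in node_ownerref_writes(SAMPLE_AUDIT_LOG.splitlines()):
        print("node identity set ownerReferences on Node:", finding)
```

Events logged at Metadata level carry no `requestObject`, so this check returns nothing for them even when a matching write occurred.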
CVSS 3.1
- Type: Secondary
- Base score: 6.7
- Impact score: 5.5
- Exploitability score: 1.2
- Vector string: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
- Severity: MEDIUM
- jordan@liggitt.net: CWE-863
- Hype score: Not currently trending
New security advisory for the #openSUSE community. The govulncheck-vulndb package has been updated to version 0.0.20250918T182144-1.1 to address two moderate-severity vulnerabilities (CVE-2025-47906 and CVE-2025-5187). Read more: 👉 https://t.co/zp5wXmNhTR #Security https://t.c
@Cezar_H_Linux
21 Sept 2025
🐞 You should pay attention to the Kubernetes CVE-2025-5187. While it is only rated a Medium (CVSS 6.7), it's a privilege escalation. Node users can delete their own nodes without permission. That’s an easy way for attackers to cover tracks or cause integrity failures. 👉
@CheckmarxZero
1 Sept 2025
🔥 Critical #Kubernetes patch for #Fedora41 users! 🔥 CVE-2025-5187: A vulnerability allowing nodes to self-delete via OwnerReference. Impact: High Severity. Risk: Cluster disruption & downtime. Read more:👉 https://t.co/fGgN2gLZeF #Security https://t.co/fRMqBNZusH
@Cezar_H_Linux
24 Aug 2025
URGENT: #Fedora 41 has released a critical security patch for Kubernetes, addressing CVE-2025-5187. Read more:👉 https://t.co/YBF61tLnag #Security https://t.co/9earAT8jPE
@Cezar_H_Linux
24 Aug 2025
CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference - https://t.co/wWn6xoETjO
@kubernetesio
14 Aug 2025
CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference - https://t.co/1Wjm67TP7I
@K8sContributors
14 Aug 2025