Bug 2492659 (CVE-2026-13318) - CVE-2026-13318 virt-api-rhel9: kubevirt: KubeVirt: SSRF in virt-api port-forward via unvalidated guest-agent-reported IP
Summary: CVE-2026-13318 virt-api-rhel9: kubevirt: KubeVirt: SSRF in virt-api port-forw...
Keywords:
Status: NEW
Alias: CVE-2026-13318
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2026-06-25 08:45 UTC by OSIDB Bzimport
Modified: 2026-06-25 08:50 UTC (History)
5 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description OSIDB Bzimport 2026-06-25 08:45:38 UTC
A server-side request forgery (SSRF) flaw was found in KubeVirt's virt-api port-forward handler. The function getTargetInterfaceIP (pkg/virt-api/rest/dialers.go) returns vmi.Status.Interfaces[0].IP without validation, which is then passed to net.Dial(). For VMIs using non-masquerade bindings (bridge or secondary-only), this IP is reported by the QEMU guest agent inside the VM and is fully controllable by the VM owner.

A tenant with kubevirt.io:edit permissions can create a VM with a modified guest agent reporting an arbitrary IP, then request port-forward to establish a bidirectional TCP tunnel from virt-api's cluster-internal network position to any routable destination.

The default masquerade binding uses the cluster-assigned pod IP and is NOT affected.


Note You need to log in before you can comment on or make changes to this bug.