A security issue was discovered in Kubernetes where an authorized user may be able to access private networks on the Kubernetes control plane components. Kubernetes clusters are only affected if an untrusted user can create or modify Node objects and proxy to them, or an untrusted user can create or modify StorageClass objects and access KubeControllerManager logs.
Acknowledgments: Name: the Kubernetes Product Security Committee Upstream: Javier Provecho (Telefonica)
Created origin tracking bugs for this issue: Affects: fedora-all [bug 1957061]
Upstream issue: https://github.com/kubernetes/kubernetes/issues/101493