CVE-2020-8557

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-8557
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-8557.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-8557
Aliases
Downstream
Related
Published
2020-07-23T17:15:12Z
Modified
2025-07-01T11:43:50.938676Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17.8 and 1.18.0-1.18.5 do not account for disk usage by a pod which writes to its own /etc/hosts file. The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral storage usage by a pod. If a pod writes a large amount of data to the /etc/hosts file, it could fill the storage space of the node and cause the node to fail.

References

Affected packages

Debian:11 / kubernetes

Package

Name
kubernetes
Purl
pkg:deb/debian/kubernetes?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.18.5-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / kubernetes

Package

Name
kubernetes
Purl
pkg:deb/debian/kubernetes?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.18.5-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / kubernetes

Package

Name
kubernetes
Purl
pkg:deb/debian/kubernetes?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.18.5-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Git / github.com/kubernetes/kubelet

Affected ranges

Type
GIT
Repo
https://github.com/kubernetes/kubelet
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
3c88459e7af1fdf57330d5fecc6b86463c7a9a6c
Type
GIT
Repo
https://github.com/kubernetes/kubernetes
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
39a145ca3413079bcb9c80846488786fed5fe1cb

Affected versions

v0.*

v0.10.0
v0.11.0
v0.12.0
v0.13.0
v0.13.1-dev
v0.14.0
v0.14.1
v0.15.0
v0.16.0
v0.16.1
v0.16.2
v0.17.0
v0.17.1
v0.18.0
v0.18.1
v0.18.2
v0.19.0
v0.19.1
v0.19.2
v0.19.3
v0.2
v0.20.0
v0.20.1
v0.20.2
v0.21.0
v0.21.1
v0.21.2
v0.3
v0.4
v0.5
v0.6.0
v0.7.0
v0.8.0
v0.9.0

v1.*

v1.0.0
v1.1.0-alpha.0
v1.1.0-alpha.1
v1.10.0-alpha.0
v1.10.0-alpha.1
v1.10.0-alpha.2
v1.10.0-alpha.3
v1.11.0-alpha.0
v1.11.0-alpha.1
v1.11.0-alpha.2
v1.12.0-alpha.0
v1.12.0-alpha.1
v1.13.0-alpha.0
v1.13.0-alpha.1
v1.13.0-alpha.2
v1.13.0-alpha.3
v1.14.0-alpha.0
v1.14.0-alpha.1
v1.14.0-alpha.2
v1.14.0-alpha.3
v1.15.0-alpha.0
v1.15.0-alpha.1
v1.15.0-alpha.2
v1.15.0-alpha.3
v1.16.0
v1.16.0-alpha.0
v1.16.0-alpha.1
v1.16.0-alpha.2
v1.16.0-alpha.3
v1.16.0-beta.0
v1.16.0-beta.1
v1.16.0-beta.2
v1.16.0-rc.1
v1.16.0-rc.2
v1.16.1
v1.16.1-beta.0
v1.16.10
v1.16.10-beta.0
v1.16.11
v1.16.11-rc.0
v1.16.12
v1.16.12-rc.0
v1.16.12-rc.1
v1.16.13-rc.0
v1.16.2
v1.16.2-beta.0
v1.16.3
v1.16.3-beta.0
v1.16.4
v1.16.4-beta.0
v1.16.5
v1.16.5-beta.0
v1.16.5-beta.1
v1.16.6
v1.16.6-beta.0
v1.16.7
v1.16.7-beta.0
v1.16.8
v1.16.8-beta.0
v1.16.9
v1.16.9-beta.0
v1.17.0-alpha.0
v1.2.0-alpha.1
v1.2.0-alpha.2
v1.2.0-alpha.3
v1.2.0-alpha.4
v1.2.0-alpha.5
v1.2.0-alpha.6
v1.2.0-alpha.7
v1.2.0-alpha.8
v1.3.0-alpha.0
v1.3.0-alpha.1
v1.3.0-alpha.2
v1.3.0-alpha.3
v1.3.0-alpha.4
v1.3.0-alpha.5
v1.4.0-alpha.0
v1.4.0-alpha.1
v1.4.0-alpha.2
v1.4.0-alpha.3
v1.5.0-alpha.0
v1.5.0-alpha.1
v1.5.0-alpha.2
v1.6.0-alpha.0
v1.6.0-alpha.1
v1.6.0-alpha.2
v1.6.0-alpha.3
v1.7.0-alpha.0
v1.7.0-alpha.1
v1.7.0-alpha.2
v1.7.0-alpha.3
v1.7.0-alpha.4
v1.8.0-alpha.0
v1.8.0-alpha.1
v1.8.0-alpha.2
v1.8.0-alpha.3
v1.9.0-alpha.0
v1.9.0-alpha.1
v1.9.0-alpha.2
v1.9.0-alpha.3