Miggo Logo

CVE-2022-31077: CloudCore CSI Driver: Malicious response from KubeEdge can crash CSI Driver controller server

4

CVSS Score
3.1

Basic Information

EPSS Score
0.54638%
Published
6/25/2022
Updated
1/27/2023
KEV Status
No
Technology
TechnologyGo

Technical Details

CVSS Vector
CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
github.com/kubeedge/kubeedgego= 1.10.01.10.1
github.com/kubeedge/kubeedgego< 1.9.31.9.3

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from nil-pointer dereferences during message processing. The commit diff shows multiple functions were modified to return &struct{} instead of nil pointers in error cases. Specifically:

  1. ExtractMessage in udsserver/server.go previously returned nil on empty context/unmarshal errors
  2. extractMessage in csidriver/utils.go used pointer declarations vulnerable to nil returns
  3. Similar patterns in node/pvc/volumeattachment handlers (node.go shown as example) These functions would crash when callers attempted to use the returned nil pointers. The fixes ensure non-nil returns even in error cases, confirming these were the vulnerable points.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### Imp**t * m*li*ious m*ss*** r*spons* *rom Ku****** **n *r*s* t** *SI *riv*r *ontroll*r s*rv*r *y tri***rin* * nil-point*r **r***r*n** p*ni*. *s * *ons*qu*n**, t** *SI *riv*r *ontroll*r will ** in **ni*l o* s*rvi**. *n *tt**k*r woul* *lr***y n*** t

Reasoning

T** vuln*r**ility st*ms *rom nil-point*r **r***r*n**s *urin* m*ss*** pro**ssin*. T** *ommit *i** s*ows multipl* *un*tions w*r* mo*i*i** to r*turn &stru*t{} inst*** o* nil point*rs in *rror **s*s. Sp**i*i**lly: *. *xtr**tM*ss*** in u*ss*rv*r/s*rv*r.*