Description
A flaw was found in KubeVirt's safepath package used by virt-handler. The OpenAtNoFollow function uses O_PATH|O_NOFOLLOW to obtain a file descriptor to a path leaf, but downstream operations resolve the path via /proc/self/fd/N using link-following syscalls. When the leaf is a symlink, the kernel dereferences it, defeating the intended no-follow protection. An attacker with access to a virt-launcher pod can exploit this to redirect virt-handler's IPC socket connections, including the notify socket used for VM domain lifecycle events. By hijacking this socket, the attacker can inject arbitrary domain events into virt-handler, causing it to take incorrect lifecycle actions, corrupt VM state in the Kubernetes API, or crash — resulting in sustained denial of VM management services for all virtual machines on the affected node. Additionally, the same symlink following flaw allows virt-handler to apply file ownership or permission changes to unintended host paths.
Published: 2026-06-24
Score: 7.3 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in KubeVirt’s safepath package causes the kernel to follow symbolic links even when the open flags specify no‑follow protection. When the path leaf is a symlink, a later resolution step dereferences it, allowing the virt-handler process to change ownership or permission bits on unintended host paths. The same flaw lets a user with access to a virt-launcher pod redirect virt-handler’s IPC socket connections, including the notify socket used for VM lifecycle events. By hijacking this socket, an attacker can inject arbitrary domain events, leading to incorrect lifecycle actions, corruption of VM state in the Kubernetes API or crashes, which in turn result in sustained denial of virtual machine management services on the affected node.

Affected Systems

Red Hat OpenShift Virtualization 4 (Container Native Virtualization 4) is affected. The vulnerability exists in the KubeVirt component that runs inside the virt-handler and virt-launcher pods on this distribution; no specific version numbers are listed, but the issue appears in releases that include the safepath package used by virt-handler in RHEL 9 environments.

Risk and Exploitability

The CVSS score of 7.3 indicates a high impact, and the EPSS score of < 1% shows that exploitation is currently low probability. The vulnerability is not listed in the CISA KEV catalog. A local attacker who can execute commands within a virt-launcher pod is capable of exploiting the flaw, which does not require external network access but requires sufficient pod privileges. The primary threat vector is therefore an internal, privilege‑escalation or local compromise within the containerized environment, enabling notify socket hijacking and denial of VM services.

Generated by OpenCVE AI on June 26, 2026 at 01:51 UTC.

Remediation

Vendor Workaround

The following measures reduce the attacker pool and limit secondary impact: Review RBAC policies to restrict pods/exec permissions on virt-launcher pods to only those users who strictly require it. This reduces the number of identities that can place symlinks in the launcher filesystem. Ensure SELinux is in enforcing mode (default in OpenShift). While SELinux does not prevent the notify socket hijacking path, it restricts the set of host files targetable through the chown/chmod path by blocking operations on files with protected security labels. RHCOS immutable filesystem layers prevent modification of core OS files through the chown/chmod path. Note: no mitigation currently addresses the notify socket hijacking vector. The attacker's ability to inject domain events into virt-handler is not constrained by SELinux or filesystem immutability.


OpenCVE Recommended Actions

  • Apply the latest Red Hat OpenShift Virtualization update that fixes the safepath symlink following issue in KubeVirt.
  • Restrict RBAC so that only operators who strictly need exec or privileged capabilities can run commands within virt‑launcher pods, limiting the pool of identities that can create symlinks in the launcher filesystem.
  • Ensure SELinux is set to enforcing mode to prevent virt‑handler from changing ownership or permissions of protected host files.
  • Maintain the immutable filesystem layers of RHCOS, preventing modification of core OS files through the chown/chmod path.

Generated by OpenCVE AI on June 26, 2026 at 01:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 26 Jun 2026 10:45:00 +0000

Type Values Removed Values Added
First Time appeared Kubevirt
Kubevirt kubevirt
Redhat openshift Virtualization
Vendors & Products Kubevirt
Kubevirt kubevirt
Redhat openshift Virtualization

Thu, 25 Jun 2026 23:45:00 +0000

Type Values Removed Values Added
Description A flaw was found in KubeVirt's safepath package. The OpenAtNoFollow function uses O_PATH|O_NOFOLLOW to obtain a file descriptor to a path leaf, but downstream helpers operate via /proc/self/fd/N using link-following syscalls. When the leaf is a symlink, the kernel dereferences it, defeating the intended no-follow protection. An attacker with access to a virt-launcher pod can exploit this to cause virt-handler to apply file ownership or permission changes to an unintended host path. A flaw was found in KubeVirt's safepath package used by virt-handler. The OpenAtNoFollow function uses O_PATH|O_NOFOLLOW to obtain a file descriptor to a path leaf, but downstream operations resolve the path via /proc/self/fd/N using link-following syscalls. When the leaf is a symlink, the kernel dereferences it, defeating the intended no-follow protection. An attacker with access to a virt-launcher pod can exploit this to redirect virt-handler's IPC socket connections, including the notify socket used for VM domain lifecycle events. By hijacking this socket, the attacker can inject arbitrary domain events into virt-handler, causing it to take incorrect lifecycle actions, corrupt VM state in the Kubernetes API, or crash — resulting in sustained denial of VM management services for all virtual machines on the affected node. Additionally, the same symlink following flaw allows virt-handler to apply file ownership or permission changes to unintended host paths.
Title Kubevirt: virt-handler-rhel9: kubevirt: safepath openatnofollow symlink following via /proc/self/fd allows host file metadata modification Kubevirt: virt-handler-rhel9: kubevirt: safepath symlink following in virt-handler enables notify socket hijacking and node-level vm disruption
Metrics cvssV3_1

{'score': 5.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L'}

cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H'}


Thu, 25 Jun 2026 23:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 25 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

threat_severity

Moderate


Wed, 24 Jun 2026 21:15:00 +0000

Type Values Removed Values Added
Description A flaw was found in KubeVirt's safepath package. The OpenAtNoFollow function uses O_PATH|O_NOFOLLOW to obtain a file descriptor to a path leaf, but downstream helpers operate via /proc/self/fd/N using link-following syscalls. When the leaf is a symlink, the kernel dereferences it, defeating the intended no-follow protection. An attacker with access to a virt-launcher pod can exploit this to cause virt-handler to apply file ownership or permission changes to an unintended host path.
Title Kubevirt: virt-handler-rhel9: kubevirt: safepath openatnofollow symlink following via /proc/self/fd allows host file metadata modification
First Time appeared Redhat
Redhat container Native Virtualization
Weaknesses CWE-61
CPEs cpe:/a:redhat:container_native_virtualization:4
Vendors & Products Redhat
Redhat container Native Virtualization
References
Metrics cvssV3_1

{'score': 5.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L'}


Subscriptions

Kubevirt Kubevirt
Redhat Container Native Virtualization Openshift Virtualization
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-06-25T23:23:24.879Z

Reserved: 2026-06-24T13:58:29.925Z

Link: CVE-2026-13201

cve-icon Vulnrichment

Updated: 2026-06-25T23:04:41.471Z

cve-icon NVD

No data.

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-06-24T00:00:00Z

Links: CVE-2026-13201 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-26T09:40:21Z

Weaknesses
  • CWE-61

    UNIX Symbolic Link (Symlink) Following