Study on Hypervisor and Container Extension Bugs (2018–2024)
Collected Cases of Extension/Plugin Bugs
Below is a table of 20 real-world bugs from the last 5 years involving extensions or plugins (not core platforms). Each case lists the bug ID (or CVE), the affected extension and its platform, the type of bug, its root cause, the impact on the host system, and how it was resolved.
Bug ID / CVE | Affected Extension (Platform) | Bug Type | Root Cause | Impact on Host System | Resolution |
---|---|---|---|---|---|
CVE-2021-21972 | vRealize Operations (vROps) Plugin for VMware vCenter | Security – RCE | No authentication on the vROps plugin file-upload endpoint (Tenable blog) | An unauthenticated attacker could upload malicious files and execute code with SYSTEM/root privileges on vCenter (Tenable blog) | Patch provided by VMware (VMSA-2021-0002); the workaround was to disable the vulnerable plugin (Tenable blog). |
CVE-2021-21985 | vSAN Health Check Plugin for VMware vCenter | Security – RCE | Lack of input validation in the vSAN Health Check plugin API (Tenable blog) | A network attacker with reach to vCenter on port 443 could execute arbitrary OS commands on the vCenter host (Tenable blog), a full compromise of vCenter | Patched by VMware (VMSA-2021-0010); customers were urged to apply the updates immediately (Tenable blog). |
CVE-2021-21986 | Multiple vCenter Plugins (vSphere Client) | Security – Auth Bypass | Flawed authentication mechanism in the vCenter plugin framework (Tenable blog) | Attackers with network access to vCenter could invoke plugin actions without authentication (Tenable blog), performing unauthorized operations via plugin APIs | Patched by VMware; users advised to update. The fix corrected authentication enforcement in the affected plugins (Tenable blog). |
CVE-2021-21973 | vCenter Server Plugin (vSphere Client) | Security – SSRF | Improper URL validation in plugin HTTP requests (NVD) | An unauthenticated attacker could abuse the plugin to make vCenter issue internal HTTP requests, leading to information disclosure (SSRF) (NVD) | Patched by VMware in vCenter 7.0 U1c, 6.7 U3l and 6.5 U3n (NVD), closing the SSRF loophole. |
CVE-2021-21984 | vRealize Business for Cloud (vCenter add-on appliance) | Security – RCE | Exposed unauthenticated endpoint in the vRealize Business appliance (MITRE CVE list) | A remote attacker could execute arbitrary code on the vRealize Business virtual appliance, a full appliance takeover (MITRE CVE list) | Fixed in vRealize Business 7.6.0; the update is required to remove the unauthenticated endpoint. |
CVE-2021-21982 | Carbon Black Cloud Workload Appliance (vCenter plugin) | Security – Auth Bypass | Missing authentication on the administrative interface API (MITRE CVE list) | A network attacker could obtain a valid admin token and alter the configuration of the workload security appliance (MITRE CVE list), compromising its protections | Patch released by VMware; admins were instructed to update the appliance so that the interface enforces authentication. |
CVE-2021-21981 | VMware NSX-T (Network Virtualization) | Security – Priv. Escalation | RBAC logic flaw in NSX-T roles (MITRE CVE list) | A local, low-privileged NSX-T user could assign themselves higher privileges than permitted (MITRE CVE list), effectively gaining admin-level access | Patched by VMware in an NSX-T update; role-assignment checks were corrected to prevent privilege escalation. |
CVE-2020-10703 | Libvirt Storage Pool Driver (KVM) | General – Crash/DoS | Null-pointer dereference when a pool has no target path (SUSE-SU-2020:1208-1) | A malicious user, or a simple misconfiguration, could define a storage pool without a target and crash the libvirtd daemon (SUSE-SU-2020:1208-1), a denial of service in VM management | Fixed in libvirt; the update checks for valid pool parameters to avoid the crash (SUSE-SU-2020:1208-1). |
CVE-2020-12430 | Libvirt QEMU Driver (KVM) | General – Memory Leak | Memory leak in qemuDomainGetStatsIOThread handling (SUSE-SU-2020:1208-1) | Repeated stats queries could exhaust memory in the libvirt daemon, degrading performance or crashing the host’s VM management service (SUSE-SU-2020:1208-1) | Memory leak patched in libvirt; users advised to update to the fixed version shipped in SUSE-SU-2020:1208-1. |
CVE-2020-29487 | Xen XAPI Toolstack (XenServer) | Security – DoS | Inefficient algorithm for xenstore watch updates (O(n^2) time and O(m·n) memory) (XAPI advisory) | A malicious guest could spam xenstore keys, causing excessive memory use in dom0 (XAPI advisory) and ultimately hanging or crashing the host (denial of service) | Fixed in XAPI (December 2020 update) with improved update handling that breaks the resource-exhaustion pattern (XAPI advisory). Patching the host Xen installation eliminates the issue. |
CVE-2024-41110 | Docker Engine Authorization Plugin | Security – AuthZ Bypass | Regression re-introduced an AuthZ plugin bypass via a crafted API request with Content-Length: 0 (Docker advisory) | Users with access to the Docker API could perform actions that bypass the authorization policy, potentially executing prohibited docker commands (privilege escalation on the host) (Docker advisory) | Patched in Docker Engine v23.0.15, v26.1.5 and the other fixed releases, re-applying the original fix (Docker advisory). Upgrade Docker Engine; as an interim mitigation, restrict Docker API access or avoid using vulnerable AuthZ plugins (Docker advisory). |
CVE-2024-8695 | Docker Desktop Extensions (GUI Plugins) | Security – RCE | Improper handling of extension metadata (description/changelog) (NVD) | Installing a malicious Docker Desktop extension could trigger arbitrary code execution on the host (NVD), because the extension’s crafted metadata was processed with unsafe logic that allowed injection | Fixed in Docker Desktop 4.34.2; the update sanitizes extension descriptors. Users should upgrade and only install trusted extensions (NVD). |
CVE-2021-43979 | OPA Gatekeeper (Kubernetes Admission Controller) | Security – Policy Bypass (Consistency) | Concurrency issue: Gatekeeper did not wait for cluster-state sync before evaluating policies (NVD) | In rare cases a race condition could let a resource slip past a Gatekeeper policy because the policy was evaluated against stale data (NVD), allowing unauthorized changes that should have been blocked | Disputed by the vendor as an “eventual consistency” limitation (NVD), but a fix in later versions ensures Gatekeeper waits for data sync. Users advised to upgrade to Gatekeeper ≥3.8.0 (or to design policies with eventual consistency in mind). |
CVE-2023-34091 | Kyverno (Kubernetes Policy Controller) | Security – Policy Bypass | Logic oversight: Kyverno skipped validation for resources with a deletionTimestamp set (Kyverno advisory) | An attacker with delete rights could add a finalizer to a resource (e.g. a Service) without deleting it, then modify the resource to bypass enforced policies (Kyverno advisory), since Kyverno treated it as already being deleted | Fixed in Kyverno 1.10.0 with a redesign of how deletionTimestamp is handled (Kyverno advisory). The upgrade requires manual migration of policies because of breaking changes (Kyverno advisory). |
(no CVE) Kyverno Crash Bug | Kyverno Admission Controller (when deployed via ArgoCD) | General – Logic Error | Missing RBAC permission in Kyverno’s Helm chart: the service account lacked access to query CRDs (kyverno/kyverno issue #10122) | The Kyverno controller crash-looped continuously with “Forbidden” errors when accessing its CRD resources (kyverno/kyverno issue #10122), so no policies were enforced and the admission workflow was destabilized | Resolved by updating the deployment manifest to add the needed ClusterRole permissions for CRDs. Users had to patch the RBAC or use the fixed chart release. |
CVE-2021-33505 | Sysdig Falco (Container Security Monitor) | Security – Detection Bypass | Time-of-check/time-of-use bug in syscall argument capture (NVD) | A local attacker could run a program that changes its syscall arguments at runtime, fooling Falco into logging benign values while the malicious call executes (NVD). Processes could thus evade Falco’s rule detection (stealthy malicious activity) | Fixed in Falco 0.29.1 by capturing syscall arguments more safely (NVD). Users should upgrade to ensure accurate inspection. |
CVE-2019-8339 | Sysdig Falco (Container Security Monitor) | General – Design Flaw (Alerting) | No indicator when Falco drops events due to resource exhaustion (NVD) | If Falco ran out of CPU/memory or hit event limits, it could silently skip monitoring events (NVD). An attacker could overload Falco to bypass detection without any alert (the security control fails open) | Improved in later Falco versions: Falco now reports when it cannot keep up, or applies backpressure. Administrators should update Falco and tune its resource usage to avoid silent failures. |
CVE-2024-28860 | Cilium (eBPF Container Network Plugin) | Security – Crypto Weakness | Using identical IPsec keys across nodes led to ESP sequence-number collisions (NVD) | Allowed chosen-plaintext, replay and key-recovery attacks on inter-node encrypted traffic (NVD). A man-in-the-middle could decrypt or spoof supposedly secure pod-to-pod traffic, rendering transparent encryption ineffective | Fixed in Cilium 1.13.13/1.14.9/1.15.3: each node now uses unique keys for its IPsec tunnels (NVD). All clusters using IPsec must update to restore strong encryption. |
CVE-2023-30851 | Cilium (K8s Network Policy Engine) | Security – Policy Bypass | Logic bug when merging HTTP network policies with mixed scopes (OpenCVE) | In configurations with multiple toEndpoints rules plus an allow-all rule, Cilium appended a wildcard rule too broadly (OpenCVE), so some HTTP traffic bypassed the intended policy restrictions (traffic allowed when it should have been denied) | Patched in Cilium 1.11.16, 1.12.9 and 1.13.2 (OpenCVE). Users should upgrade to ensure HTTP policies are correctly enforced; there is no easy workaround besides removing the problematic policy combination. |
CVE-2023-29002 | Cilium (eBPF Networking – Debug Mode) | Security – Info Leak | Sensitive data (contents of cilium-secrets) logged in debug mode (OpenCVE) | When run in debug mode, Cilium logged secrets from the cilium-secrets namespace, such as TLS private keys for Ingress (OpenCVE). An attacker with access to the debug logs could steal these secrets, compromising cluster confidentiality | Fixed in Cilium 1.11.16, 1.12.9 and 1.13.2 (OpenCVE): debug logging was sanitized to omit secret material. Recommendation: avoid debug mode in production and update to a fixed version. |
Sources: each case carries its references in parentheses, pointing to vulnerability databases, vendor advisories, or technical analyses for verification. Key: Tenable blog = Tenable’s posts on CVE-2021-21972 and CVE-2021-21985; NVD = the NVD entry for the listed CVE; MITRE CVE list = the CVE search results for the listed CVE; SUSE-SU-2020:1208-1 = SUSE’s libvirt security update; XAPI advisory = the XAPI advisory for CVE-2020-29487 (host denial of service); Docker advisory = the Docker Security Advisory on the AuthZ plugin bypass regression in Docker Engine; Kyverno advisory = the CVE-2023-34091 Kyverno policy bypass advisory; kyverno/kyverno issue #10122 = the GitHub issue “Kyverno controller is crashlooping”; OpenCVE = OpenCVE’s page of Cilium CVEs and security vulnerabilities.
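The fail-closed behaviour the CVE-2024-41110 row argues for, as an added Go example that is not code from Docker or from this study: a minimal AuthZ plugin decision function in the request/response shape the Docker authorization-plugin docs describe. The endpoint list, the sample "no privileged containers" rule and the request values are constructed for the example; the point is that a plugin which sees no body for a call it must inspect denies the call instead of approving it.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// AuthZRequest mirrors the JSON Docker Engine posts to a plugin's
// /AuthZPlugin.AuthZReq endpoint (field names from the Docker authorization
// plugin docs); RequestBody is base64 on the wire, which []byte handles.
type AuthZRequest struct {
	RequestMethod  string            `json:"RequestMethod"`
	RequestURI     string            `json:"RequestUri"`
	RequestBody    []byte            `json:"RequestBody,omitempty"`
	RequestHeaders map[string]string `json:"RequestHeaders,omitempty"`
}

type AuthZResponse struct {
	Allow bool   `json:"Allow"`
	Msg   string `json:"Msg,omitempty"`
}

// bodyRequired marks endpoints whose decision depends on the body
// (a constructed list for this example; extend it to your policy's needs).
func bodyRequired(method, uri string) bool {
	path := strings.SplitN(uri, "?", 2)[0] // drop the query string
	return method == "POST" && strings.HasSuffix(path, "/containers/create")
}

// decide is a fail-closed policy: with no body forwarded for an endpoint that
// must be inspected, deny; otherwise apply one sample rule (no privileged).
func decide(req AuthZRequest) AuthZResponse {
	if !bodyRequired(req.RequestMethod, req.RequestURI) {
		return AuthZResponse{Allow: true}
	}
	if len(req.RequestBody) == 0 {
		return AuthZResponse{Allow: false, Msg: "denied: no body forwarded for " + req.RequestURI}
	}
	var cfg struct {
		HostConfig struct {
			Privileged bool `json:"Privileged"`
		} `json:"HostConfig"`
	}
	if err := json.Unmarshal(req.RequestBody, &cfg); err != nil {
		return AuthZResponse{Allow: false, Msg: "denied: request body is not valid JSON"}
	}
	if cfg.HostConfig.Privileged {
		return AuthZResponse{Allow: false, Msg: "denied: privileged containers are not permitted"}
	}
	return AuthZResponse{Allow: true}
}

// handleAuthZReq is the wire-level handler body: raw JSON in, raw JSON out.
func handleAuthZReq(raw []byte) ([]byte, error) {
	var req AuthZRequest
	if err := json.Unmarshal(raw, &req); err != nil {
		return json.Marshal(AuthZResponse{Allow: false, Msg: "denied: " + err.Error()})
	}
	return json.Marshal(decide(req))
}

func main() {
	// Constructed request as the bypass reached the plugin: create call, Content-Length: 0, no body.
	raw, _ := json.Marshal(AuthZRequest{RequestMethod: "POST", RequestURI: "/v1.45/containers/create",
		RequestHeaders: map[string]string{"Content-Length": "0"}})
	out, _ := handleAuthZReq(raw)
	fmt.Println(string(out)) // Allow is false
}
```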
Analysis of Patterns and Impacts
Common Patterns and Root Causes
Several recurring root-cause patterns emerge from these cases:
- Insufficient Input Validation & Auth: a number of critical bugs stem from plugins failing to validate user input or to authenticate callers. VMware vCenter plug-ins exposed endpoints with neither authentication nor input checks: CVE-2021-21972 and CVE-2021-21985 allowed file uploads and command execution by unauthenticated users (Tenable blog). Similarly, Docker’s AuthZ plugin logic failed to handle an empty request body, allowing a bypass (Docker advisory). These cases show that extension interfaces often introduced new attack surfaces by trusting inputs that the core system would normally guard against.
- Logic Flaws in Authorization/Policy Enforcement: many extensions introduced authorization logic errors. The vCenter plug-in flaw CVE-2021-21986 allowed administrative plugin actions to be invoked without login (Tenable blog). In Kubernetes policy controllers, subtle logic mistakes (Gatekeeper’s race condition, Kyverno’s finalizer oversight) let attackers bypass security policies under particular conditions (NVD; Kyverno advisory). These indicate that extension developers sometimes mishandle complex state or edge cases, breaking the security assumptions the platform relies on.
- Resource Management and Concurrency Issues: extensions that run as background services (daemons or controllers) had bugs in resource handling. Examples include the memory leak in libvirt’s QEMU driver (SUSE-SU-2020:1208-1) and the extreme memory usage in Xen’s XAPI caused by an O(n^2) algorithm (XAPI advisory), both of which could crash the host. Concurrency bugs also appear: Falco and Gatekeeper both had race conditions that impaired their function (NVD). Such issues show that extensions must manage performance and multithreading carefully or risk destabilizing the larger system.
- Design Oversights in Extension Integration: some problems arose from how extensions integrate with the core platform. The Docker authorization plugin bypass was in fact a regression: a prior fix was not carried into a refactored version, a maintainability lapse (Docker advisory). The Kyverno crash bug highlights a deployment-configuration issue (RBAC) rather than a code flaw. These suggest that extensions, often developed separately from the core, can suffer from integration oversights or weaker QA pipelines, letting through bugs that the core software might catch.
- Security Tool Evasion: notably, even security extensions themselves had flaws that undermined their purpose. Falco’s vulnerabilities allowed attackers to operate undetected (NVD), and Gatekeeper and Kyverno could be tricked into allowing forbidden actions (NVD; Kyverno advisory). This pattern is worrying: extensions added for security can introduce new failure modes if not carefully designed.
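The Kyverno finalizer oversight behind CVE-2023-34091, shown as an added Go example (not Kyverno’s own code) beside one possible hardening, evaluated over a constructed AdmissionReview-style request. The object shape, the "no LoadBalancer Services" rule and the assumption that a terminating object may only have its metadata touched are all this example’s, not the project’s.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Minimal stand-ins for the AdmissionReview fields a policy engine inspects
// (constructed for this example; not Kyverno's own types).
type Metadata struct {
	DeletionTimestamp string   `json:"deletionTimestamp,omitempty"`
	Finalizers        []string `json:"finalizers,omitempty"`
}

type Object struct {
	Metadata Metadata `json:"metadata"`
	Spec     struct {
		Type string `json:"type"`
	} `json:"spec"`
}

type AdmissionRequest struct {
	Operation string `json:"operation"` // CREATE, UPDATE or DELETE
	Object    Object `json:"object"`
	OldObject Object `json:"oldObject"`
}

// violates is the hypothetical policy under test: no LoadBalancer Services.
func violates(o Object) bool { return o.Spec.Type == "LoadBalancer" }

// vulnerableAdmit reproduces the pre-1.10 oversight: any object carrying a
// deletionTimestamp is treated as "already going away" and never validated.
func vulnerableAdmit(r AdmissionRequest) bool {
	if r.Object.Metadata.DeletionTimestamp != "" {
		return true
	}
	return !violates(r.Object)
}

// hardenedAdmit is an assumed hardening (not Kyverno's actual fix): only DELETE
// is exempt, and an UPDATE to a terminating object skips evaluation only when
// the spec is untouched (e.g. a controller removing its finalizer).
func hardenedAdmit(r AdmissionRequest) bool {
	switch r.Operation {
	case "DELETE":
		return true
	case "UPDATE":
		if r.Object.Metadata.DeletionTimestamp != "" && r.OldObject.Spec == r.Object.Spec {
			return true
		}
	}
	return !violates(r.Object)
}

// bypassRequest is a constructed request modelling the CVE-2023-34091 steps:
// the Service was pinned with a finalizer, its deletion was requested
// (deletionTimestamp set), and now its spec is being changed.
const bypassRequest = `{"operation":"UPDATE",
 "oldObject":{"metadata":{"deletionTimestamp":"2023-05-01T00:00:00Z","finalizers":["example.com/keep"]},"spec":{"type":"ClusterIP"}},
 "object":{"metadata":{"deletionTimestamp":"2023-05-01T00:00:00Z","finalizers":["example.com/keep"]},"spec":{"type":"LoadBalancer"}}}`

func main() {
	var r AdmissionRequest
	if err := json.Unmarshal([]byte(bypassRequest), &r); err != nil {
		panic(err)
	}
	fmt.Println("vulnerable allows:", vulnerableAdmit(r)) // true: validation skipped
	fmt.Println("hardened allows:", hardenedAdmit(r))     // false: spec change validated
}
```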
Impact on Stability, Maintainability, and Security
Bugs in extensions and plugins had significant impacts on both system security and stability:
- System Compromise and Data Breaches: security vulnerabilities in extensions frequently allowed complete system compromise. Multiple vCenter plugin flaws gave attackers full control of the vCenter host (Tenable blog), and the Docker Desktop extension bug could run code on the host machine (NVD). In some cases sensitive data was exposed, e.g. cloud admin credentials via SSRF (NVD) or TLS keys via verbose logs (OpenCVE). An exploited extension can therefore be as dangerous as a core vulnerability, since plugins often run with high privileges.
- Denial of Service and Instability: many non-RCE bugs still crashed or hung the host or critical services. A malicious VM could crash the Xen host’s toolstack in dom0 (XAPI advisory), and a user’s misstep could take down libvirt, affecting every VM on that server. In Kubernetes, an admission controller stuck in a crash loop (as with Kyverno’s RBAC bug) effectively disables part of the cluster’s functionality. Extension bugs can thus undermine the reliability and availability of the entire platform.
- Maintenance Overhead: these cases often required urgent patches and careful configuration changes. Notably, the Docker AuthZ bug was a regression, implying technical debt from maintaining extension code separately. Administrators had to apply patches or workarounds quickly (disabling features, restricting API access (Docker advisory)) to mitigate the issues. Each extension vulnerability adds to the patching workload and to the complexity of keeping the system secure.
- Isolation (or Lack Thereof): the impact is severe partly because many extensions run with extensive privileges on the host or controller. vCenter’s plugins, for example, run as part of the vCenter service, so a flaw there yields host-level control (Tenable blog). In several designs, extensions were simply not sandboxed away from core privileges, so one compromised plugin can jeopardize the whole system. The lesson for architects is to isolate extensions or restrict their privileges (e.g. run plugins with the least privilege they need).
Frequency and Severity Insights
Among the 20 cases, security vulnerabilities dominated: about 80% (16/20) were security-related, versus roughly 20% general software bugs. Of the security bugs:
- Remote Code Execution (RCE) and privilege-escalation flaws accounted for a substantial fraction (around one-quarter of all cases). These are the most severe (often CVSS 9.0+), as seen with the VMware plugin RCEs and the Docker Desktop extension RCE (Tenable blog; NVD).
- Authorization/Policy Bypasses (auth bypass, policy-logic bypass) were also common (~6–7 cases). Their severity ranged from critical (complete auth bypass of admin functions (Tenable blog)) to moderate (exploitable only under specific conditions, as with the Gatekeeper or Cilium policy rules). Even the moderate bypasses undermined security postures by allowing unauthorized actions.
- Denial of Service (DoS) issues and crashes made up roughly 20–25% of the cases. While these did not give an attacker control, they could knock out services or hosts. Notably, all the general (non-security) bugs manifested as crashes, hangs, or leaks affecting stability. The Xen XAPI and libvirt bugs, for example, could be triggered by a tenant to disrupt the host (XAPI advisory; SUSE-SU-2020:1208-1), which matters a great deal in multi-tenant environments.
- Information Disclosure issues were fewer (~10%; e.g. logged secrets, SSRF) but still present. They tend to carry lower CVSS scores, yet can facilitate further attacks: the SSRF in vCenter (NVD) could let an attacker map internal services, and leaking TLS keys from Cilium (OpenCVE) completely breaks confidentiality.
From a severity standpoint, critical bugs (RCE/privilege escalation) were prevalent in proprietary virtualization plugins (VMware) and in newer extension ecosystems (Docker extensions). High-severity but non-RCE issues (like the AuthZ bypass or the encryption weakness) also appeared and could be just as damaging in context (e.g. a CVSS 8.0 encryption bug (NVD) that silently exposes cluster traffic). Lower-severity bugs (crashes, minor leaks) were fewer but still important for reliability.
In summary, extensions and plugins over the last five years have been a fertile ground for serious bugs. The most frequent issues were related to missing validations and logic mistakes, which often led to critical security failures. The most severe consequences were remote code execution and host compromise, but even “lesser” bugs could destabilize systems or weaken security defenses. This trend underlines the need for rigorous security review and testing of extensions, isolation of their privileges, and close attention to their maintenance over time, as they can introduce risks on par with core system flaws.