关于虚拟机管理程序和容器扩展漏洞的研究(2018–2024)
拓展/插件漏洞案例收集
下表汇总了过去 5 年中与扩展或插件(并非核心平台)相关的 20 个真实漏洞。每个案例列出了漏洞 ID(或 CVE)、受影响的扩展及其所运行的平台、漏洞类型、根本原因、对主机系统的影响,以及最终解决方法。
| Bug ID / CVE | Affected Extension (Platform) | Bug Type | Root Cause | Impact on Host System | Resolution |
|---|---|---|---|---|---|
| CVE-2021-21972 | vRealize Operations (vROps) Plugin for VMware vCenter | Security – RCE | No authentication on vROps plugin file-upload endpoint (CVE-2021-21972: VMware vCenter Server Remote Code Execution Vulnerability - Blog | Tenable®) | Unauthenticated attacker could upload malicious files and execute code with SYSTEM/root privileges on vCenter (CVE-2021-21972: VMware vCenter Server Remote Code Execution Vulnerability - Blog | Tenable®) | Patch provided by VMware (VMSA-2021-0002); workaround was to disable the vulnerable plugin (CVE-2021-21972: VMware vCenter Server Remote Code Execution Vulnerability - Blog | Tenable®). |
| CVE-2021-21985 | vSAN Health Check Plugin for VMware vCenter | Security – RCE | Lack of input validation in vSAN Health Check plugin API (CVE-2021-21985: Critical VMware vCenter Server Remote Code Execution - Blog | Tenable®) | Network attacker (once in reach of vCenter 443) could execute arbitrary OS commands on vCenter host (CVE-2021-21985: Critical VMware vCenter Server Remote Code Execution - Blog | Tenable®) (full compromise of vCenter) | Patched by VMware (VMSA-2021-0010); customers urged to apply updates immediately (CVE-2021-21985: Critical VMware vCenter Server Remote Code Execution - Blog | Tenable®) (CVE-2021-21985: Critical VMware vCenter Server Remote Code Execution - Blog | Tenable®). |
| CVE-2021-21986 | Multiple vCenter Plugins (vSphere Client) | Security – Auth Bypass | Flawed authentication mechanism in vCenter plugin framework (CVE-2021-21985: Critical VMware vCenter Server Remote Code Execution - Blog | Tenable®) | Attackers with network access to vCenter could invoke plugin actions without authentication (CVE-2021-21985: Critical VMware vCenter Server Remote Code Execution - Blog | Tenable®) (perform unauthorized operations via plugin APIs) | Patched by VMware; users advised to update. The fix corrected the auth enforcement in the affected plugins (CVE-2021-21985: Critical VMware vCenter Server Remote Code Execution - Blog | Tenable®). |
| CVE-2021-21973 | vCenter Server Plugin (vSphere Client) | Security – SSRF | Improper URL validation in plugin HTTP requests (NVD - CVE-2021-21973) | Unauthenticated attacker could abuse the plugin to have vCenter perform internal HTTP requests, leading to information disclosure (SSRF) (NVD - CVE-2021-21973) | Patched by VMware (in vCenter 7.0 U1c, 6.7 U3l, 6.5 U3n) (NVD - CVE-2021-21973), closing the SSRF loophole. |
| CVE-2021-21984 | vRealize Business for Cloud (vCenter add-on appliance) | Security – RCE | Exposed unauthenticated endpoint in the vRealize Business appliance (CVE - Search Results) | Remote attacker could execute arbitrary code on the vRealize Business virtual appliance (full appliance takeover) (CVE - Search Results) | Fixed in vRealize Business 7.6.0; update required to remove the unauthorized endpoint. |
| CVE-2021-21982 | Carbon Black Cloud Workload Appliance (vCenter plugin) | Security – Auth Bypass | Missing authentication in administrative interface API (CVE - Search Results) | Network attacker could obtain a valid admin token and alter configuration on the workload security appliance (CVE - Search Results) (compromising its protections) | Patch released by VMware; admins instructed to update the appliance to enforce auth on the interface. |
| CVE-2021-21981 | VMware NSX-T (Network Virtualization) | Security – Priv. Escalation | RBAC logic flaw in NSX-T roles (CVE - Search Results) | A local low-privileged NSX-T user could assign themselves higher privileges than permitted (CVE - Search Results), effectively gaining admin-level access | Patched by VMware in NSX-T update; role assignment checks were corrected to prevent privilege escalation. |
| CVE-2020-10703 | Libvirt Storage Pool Driver (KVM) | General – Crash/DoS | Null-pointer dereference when pool has no target path (Security update for libvirt SUSE-SU-2020:1208-1 | SUSE Support | SUSE) | Malicious or misconfigured user could define a storage pool without a target, causing the libvirtd daemon to crash (Security update for libvirt SUSE-SU-2020:1208-1 | SUSE Support | SUSE) (denial of service in VM management) | Fixed in libvirt; update checks for valid pool parameters to avoid the crash (Security update for libvirt SUSE-SU-2020:1208-1 | SUSE Support | SUSE). |
| CVE-2020-12430 | Libvirt QEMU Driver (KVM) | General – Memory Leak | Memory leak in qemuDomainGetStatsIOThread handling (Security update for libvirt SUSE-SU-2020:1208-1 | SUSE Support | SUSE) |
Repeated stats queries could exhaust memory in the libvirt daemon, degrading performance or crashing the host’s VM management service (Security update for libvirt SUSE-SU-2020:1208-1 | SUSE Support | SUSE) | Memory leak patched in libvirt; users advised to update to the fixed version (SUSE patch SUSE-SU-2020:1208-1) (Security update for libvirt SUSE-SU-2020:1208-1 | SUSE Support | SUSE). |
| CVE-2020-29487 | Xen XAPI Toolstack (XenServer) | Security – DoS | Inefficient algorithm for xenstore watch updates (O(n^2) time and O(m·n) memory usage) (CVE-2020-29487: Xen XAPI Vulnerability Leading to Host Denial of Service) | A malicious guest could spam xenstore keys, causing excessive memory use in dom0 (CVE-2020-29487: Xen XAPI Vulnerability Leading to Host Denial of Service) and ultimately hang or crash the host (denial of service) | Fixed in XAPI (Dec 2020 update) – improved update handling to break the resource exhaustion pattern (CVE-2020-29487: Xen XAPI Vulnerability Leading to Host Denial of Service). Patching the host Xen installation eliminates the issue. |
| CVE-2024-41110 | Docker Engine Authorization Plugin | Security – AuthZ Bypass | Regression re-introduced AuthZ plugin bypass via crafted API request (Content-Length: 0 trick) (Docker Security Advisory: AuthZ Plugin Bypass Regression in Docker Engine | Docker) (Docker Security Advisory: AuthZ Plugin Bypass Regression in Docker Engine | Docker) | Users with access to the Docker API could perform actions bypassing authorization policy, potentially executing prohibited docker commands (privilege escalation on the host) (Docker Security Advisory: AuthZ Plugin Bypass Regression in Docker Engine | Docker) (Docker Security Advisory: AuthZ Plugin Bypass Regression in Docker Engine | Docker) | Patched in Docker v23.0.15, v26.1.5, etc. (fix re-applied) (Docker Security Advisory: AuthZ Plugin Bypass Regression in Docker Engine | Docker). Upgrade Docker Engine; as interim mitigation, restrict Docker API access or avoid using vulnerable AuthZ plugins (Docker Security Advisory: AuthZ Plugin Bypass Regression in Docker Engine | Docker). |
| CVE-2024-8695 | Docker Desktop Extensions (GUI Plugins) | Security – RCE | Improper handling of extension metadata (description/changelog) (NVD - CVE-2024-8695) | Installing a malicious Docker Desktop extension could trigger arbitrary code execution on the host (NVD - CVE-2024-8695), as the extension’s crafted metadata is processed with unsafe logic (allowing injection) | Fixed in Docker Desktop 4.34.2; update sanitizes extension descriptors. Users should upgrade and only install trusted extensions (NVD - CVE-2024-8695). |
| CVE-2021-43979 | OPA Gatekeeper (Kubernetes Admission Controller) | Security – Policy Bypass (Consistency) | Concurrency issue: Gatekeeper doesn’t wait for cluster state sync before evaluating policies (NVD - CVE-2021-43979) | In rare cases, a race condition could let a resource slip past a Gatekeeper policy (policy not enforced due to stale data) (NVD - CVE-2021-43979). This could allow unauthorized changes that should have been blocked | Disputed by vendor as “eventual consistency” limitation (NVD - CVE-2021-43979), but a fix in later versions ensures Gatekeeper waits for data sync. Users advised to upgrade to Gatekeeper ≥3.8.0 (or mitigate by designing policies mindful of eventual consistency). |
| CVE-2023-34091 | Kyverno (Kubernetes Policy Controller) | Security – Policy Bypass | Logic oversight: Kyverno skipped validation for resources with a deletionTimestamp set (CVE-2023-34091: Kyverno Policy Bypass Vulnerability for Kubernetes) | An attacker with delete rights could add a finalizer to a resource (e.g. a Service) without deleting it, then modify the resource to bypass enforced policies (CVE-2023-34091: Kyverno Policy Bypass Vulnerability for Kubernetes) (since Kyverno treated it as already in deletion) | Fixed in Kyverno 1.10.0 with a redesign of how deletionTimestamp is handled (CVE-2023-34091: Kyverno Policy Bypass Vulnerability for Kubernetes). Upgrade requires manual migration of policies due to breaking changes (CVE-2023-34091: Kyverno Policy Bypass Vulnerability for Kubernetes). |
| (no CVE) Kyverno Crash Bug | Kyverno Admission Controller (when deployed via ArgoCD) | General – Logic Error | Missing RBAC permission in Kyverno’s Helm chart (service account lacked access to query CRDs) ([Bug] Kyverno controller is crashlooping · Issue #10122 · kyverno/kyverno · GitHub) | Kyverno controller continuously crash-looped (“Forbidden” errors on accessing its CRD resources) ([Bug] Kyverno controller is crashlooping · Issue #10122 · kyverno/kyverno · GitHub) – resulting in no policies being enforced and destabilizing the admission workflow | Resolved by updating the deployment manifest: added the needed ClusterRole permissions for CRDs. Users needed to patch the RBAC or use the fixed chart release. |
| CVE-2021-33505 | Sysdig Falco (Container Security Monitor) | Security – Detection Bypass | Time-of-check/time-of-use bug in syscall argument capture (NVD - CVE-2021-33505) | A local attacker could run a program that changes its syscall arguments at runtime, fooling Falco into logging benign values while the malicious call executes (NVD - CVE-2021-33505). This lets processes evade Falco’s rule detection (stealthy malicious activity) | Fixed in Falco 0.29.1 by capturing syscall arguments more safely (NVD - CVE-2021-33505). Users should upgrade to ensure accurate inspection. |
| CVE-2019-8339 | Sysdig Falco (Container Security Monitor) | General – Design Flaw (Alerting) | Missing indicator when Falco drops events due to resource exhaustion (NVD - CVE-2019-8339) | If Falco ran out of CPU/memory or hit event limits, it could silently skip monitoring events (NVD - CVE-2019-8339). An attacker could overload Falco to bypass detection without any alert (security controls fail open) | Improvement in later Falco versions: Falco now reports when it can’t keep up, or applies backpressure. Administrators should update Falco and tune its resource usage to avoid silent failures. |
| CVE-2024-28860 | Cilium (eBPF Container Network Plugin) | Security – Crypto Weakness | Using identical IPsec keys across nodes led to ESP sequence number collisions (NVD - CVE-2024-28860) | Allowed chosen-plaintext, replay, and key recovery attacks on inter-node encrypted traffic (NVD - CVE-2024-28860). A man-in-the-middle could decrypt or spoof supposedly secure pod-to-pod traffic (transparent encryption was rendered ineffective) | Fixed in Cilium 1.13.13/1.14.9/1.15.3: each node now uses unique keys for IPsec tunnels (NVD - CVE-2024-28860). All clusters using IPsec must update to restore strong encryption. |
| CVE-2023-30851 | Cilium (K8s Network Policy Engine) | Security – Policy Bypass | Logic bug when merging HTTP network policies with mixed scopes (Cilium CVEs and Security Vulnerabilities - OpenCVE) | In configs with multiple toEndpoints rules and an allow-all rule, Cilium would append a wildcard rule too broadly (Cilium CVEs and Security Vulnerabilities - OpenCVE). This caused some HTTP traffic to bypass intended policy restrictions (traffic allowed when it should be denied) |
Patched in Cilium 1.11.16, 1.12.9, 1.13.2 (Cilium CVEs and Security Vulnerabilities - OpenCVE). Users should upgrade to ensure HTTP policies are correctly enforced. No easy workaround besides removing the problematic policy combination. |
| CVE-2023-29002 | Cilium (eBPF Networking – Debug Mode) | Security – Info Leak | Sensitive data logged in debug mode (cilium-secrets contents) (Cilium CVEs and Security Vulnerabilities - OpenCVE) |
If Cilium was run in debug mode, it would log secrets (TLS private keys for Ingress, etc.) from the cilium-secrets namespace (Cilium CVEs and Security Vulnerabilities - OpenCVE). An attacker with access to the debug logs could steal these secrets, compromising cluster confidentiality |
Fixed in Cilium 1.11.16, 1.12.9, 1.13.2 (Cilium CVEs and Security Vulnerabilities - OpenCVE) – the debug logging was sanitized to omit secret material. Recommendation: avoid debug mode on production and update to a version with the fix. |
来源: 每个案例都在文中以(【†】)引用的形式标示了相关漏洞数据库、公告或技术分析,以便核实参考。
对模式和影响的分析
常见模式与根本原因
从这些案例中可以看出,以下几个重复出现的根本原因模式:
-
输入验证和身份验证不足:许多严重漏洞源于插件未对用户输入或身份进行恰当的验证。例如,VMware vCenter 插件出现了无认证或缺少输入检查的端点(CVE-2021-21972 和 21985 允许未经认证的用户上传文件并执行命令 (CVE-2021-21972: VMware vCenter Server Remote Code Execution Vulnerability - Blog | Tenable®) (CVE-2021-21985: Critical VMware vCenter Server Remote Code Execution - Blog | Tenable®))。同样,Docker 的 authz 插件逻辑未正确处理空请求体,从而导致绕过 (Docker Security Advisory: AuthZ Plugin Bypass Regression in Docker Engine | Docker)。这些案例表明,扩展接口常会引入新的攻击面,因其对本应由核心系统严格防护的输入过度信任。
-
授权/策略执行中的逻辑缺陷:许多扩展都出现了授权逻辑错误。例如,vCenter 插件 CVE-2021-21986 允许在未登录的情况下调用管理插件操作 (CVE-2021-21985: Critical VMware vCenter Server Remote Code Execution - Blog | Tenable®)。在 Kubernetes 策略控制器中,细微的逻辑漏洞(Gatekeeper 的竞态条件、Kyverno 的 finalizer 漏洞)在某些条件下可使攻击者绕过安全策略 (NVD - CVE-2021-43979) (CVE-2023-34091: Kyverno Policy Bypass Vulnerability for Kubernetes)。这说明扩展开发人员在处理复杂状态或边界情况时,容易出现错误,从而破坏安全假设。
-
资源管理和并发问题:对于那些作为后台服务(守护进程或控制器)运行的扩展,资源处理上也出现了漏洞。例如,libvirt 驱动中的内存泄漏 (Security update for libvirt SUSE-SU-2020:1208-1 | SUSE Support | SUSE) 以及 Xen 的 XAPI 由于 O(n^2) 算法导致的极端内存消耗 (CVE-2020-29487: Xen XAPI Vulnerability Leading to Host Denial of Service) —— 这两者都会导致可能的主机崩溃。并发问题也存在(Falco 和 Gatekeeper 都因竞态条件而影响功能 (NVD - CVE-2021-43979) (NVD - CVE-2021-33505))。这说明扩展必须仔细处理性能与多线程,否则会引发整个系统的不稳定。
-
扩展集成设计方面的疏漏:有些问题源于扩展与核心平台的整合方式。例如 Docker 授权插件的绕过其实是回归问题——此前的修复未同步到重构后的版本,暴露了维护上的不足 (Docker Security Advisory: AuthZ Plugin Bypass Regression in Docker Engine | Docker) (Docker Security Advisory: AuthZ Plugin Bypass Regression in Docker Engine | Docker)。Kyverno 崩溃漏洞则强调了部署配置问题(RBAC)而非代码本身错误。这些都表明,扩展往往与核心分开开发,在 QA 流程中更易出现集成方面的疏忽。
-
安全工具的自身绕过:值得注意的是,连本身就是安全扩展的组件也可能有漏洞,从而削弱了其所提供的防护。例如,Falco 的漏洞允许攻击者在不被检测的情况下进行操作 (NVD - CVE-2021-33505) (NVD - CVE-2019-8339),而 Gatekeeper/Kyverno 可在特定条件下被欺骗以允许本该禁止的操作 (NVD - CVE-2021-43979) (CVE-2023-34091: Kyverno Policy Bypass Vulnerability for Kubernetes)。这种模式令人担忧:本应提供安全防护的扩展,若设计不严谨,反而会带来新的失效风险。
对稳定性、可维护性和安全性的影响
扩展及插件中的漏洞对系统的安全和稳定均可产生重大影响:
-
系统被攻陷和数据泄露:扩展存在的安全漏洞往往会带来彻底的系统妥协。例如,多个 vCenter 插件漏洞可使攻击者完全控制 vCenter 主机 (CVE-2021-21972: VMware vCenter Server Remote Code Execution Vulnerability - Blog | Tenable®),Docker Desktop 扩展漏洞也能在主机上执行任意代码 (NVD - CVE-2024-8695)。在一些情况下,会泄露敏感信息——例如通过 SSRF 获取云端管理员凭据 (NVD - CVE-2021-21973),或在日志中暴露 TLS 密钥 (Cilium CVEs and Security Vulnerabilities - OpenCVE)。这些例子表明,一旦扩展被利用,危害程度与核心组件漏洞不相上下,因为插件常常拥有高权限。
-
拒绝服务与不稳定性:许多非 RCE 漏洞虽然无法控制系统,却能导致主机或关键服务崩溃或挂起。例如,一个恶意 VM 就可使 Xen 的工具栈(dom0)宕机 (CVE-2020-29487: Xen XAPI Vulnerability Leading to Host Denial of Service);或是用户配置错误引发 libvirt 整体崩溃,影响所有虚拟机。在 Kubernetes 中,如果 Kyverno admission controller 不断崩溃(如 RBAC Bug),就会导致集群功能的部分失效。因此,扩展漏洞可严重影响整体可靠性和可用性。
-
维护成本上升:这些问题通常需要紧急打补丁并进行配置修改,增加了运维负担。例如,Docker AuthZ 漏洞曾是回归问题,说明维护独立扩展会带来技术债。管理员必须及时应用补丁或临时解决方案(禁用功能、限制访问 (Docker Security Advisory: AuthZ Plugin Bypass Regression in Docker Engine | Docker)) 来减轻风险。每个扩展漏洞都增加了系统安全补丁和配置的复杂度。
-
隔离不足:影响严重程度高的原因之一是许多扩展都在主机或控制器上拥有高权限。比如,vCenter 的插件与 vCenter 服务同权限运行,一旦出现漏洞就能获得主机级控制 (CVE-2021-21972: VMware vCenter Server Remote Code Execution Vulnerability - Blog | Tenable®)。这表明一些设计里,并未对插件进行良好的沙盒化或权限限制,导致一个插件被攻破就危及整个系统。这对于架构师而言是警示:应考虑对扩展进行隔离或最小权限管理。
频率与严重性洞察
在这 20 个案例中,安全漏洞占据主要地位:约 80%(16/20)为安全问题,剩余 ~20% 是一般软件缺陷。在这些安全漏洞中:
-
远程代码执行(RCE)与权限提升 占了相当比例(约占所有案例的四分之一),通常为最严重级别(CVSS 通常≥9.0),如 VMware 插件 RCE、Docker 扩展 RCE (CVE-2021-21972: VMware vCenter Server Remote Code Execution Vulnerability - Blog | Tenable®) (NVD - CVE-2024-8695)。
-
授权/策略绕过(auth bypass、策略逻辑缺陷)也相当普遍(约 6–7 个案例),严重性从非常高(如无需登录即可执行管理功能 (CVE-2021-21985: Critical VMware vCenter Server Remote Code Execution - Blog | Tenable®))到中等(需要特定条件才能利用,如 Gatekeeper 或 Cilium 策略中的问题)。但即使是中等漏洞,也能让本该受限的操作被执行,从而破坏安全防护。
-
拒绝服务(DoS) 和崩溃问题约占 20–25%。尽管此类漏洞不会直接给攻击者提供控制权限,却可使服务或主机停止工作。值得注意的是,所有一般(非安全)漏洞也都表现为崩溃、卡死或内存泄漏,对稳定性造成影响。例如,Xen XAPI、libvirt 漏洞都可能被租户触发以使主机中断 (CVE-2020-29487: Xen XAPI Vulnerability Leading to Host Denial of Service) (Security update for libvirt SUSE-SU-2020:1208-1 | SUSE Support | SUSE)。在多租户场景中,这类漏洞依然极具破坏力。
-
信息泄露(如日志中暴露秘密、SSRF)相对较少(~10%),CVSS 评分往往略低,但仍可为后续攻击铺路(例如 vCenter SSRF (NVD - CVE-2021-21973) 能帮助攻击者探测内网服务,Cilium 日志泄露 TLS 密钥 (Cilium CVEs and Security Vulnerabilities - OpenCVE) 会破坏加密通信的保密性)。
综合来看,在专有虚拟化插件(VMware)及新兴扩展生态(Docker 扩展)中,关键(RCE/权限提升)漏洞较为常见。同时,高危但非 RCE 类型(如授权绕过、加密弱点)也时有出现,在特定场景下威胁可同样严重(如 CVSS 8.0 的加密漏洞 (NVD - CVE-2024-28860) 会悄悄暴露集群流量)。低严重度漏洞(崩溃、内存泄漏)数量相对更少,但对可靠性仍具影响。
总之,过去五年间,扩展与插件领域仍然是严重漏洞的高发地带。最常见的问题包括缺失验证、逻辑瑕疵,往往造成重大安全失效。最严重的后果是远程代码执行和主机妥协,但就算是“次要”漏洞,也可能破坏系统稳定或削弱安全工具的防护。这一趋势凸显了对扩展进行严格安全审查和测试、对其权限进行隔离、并在生命周期内持续维护的必要性——因为它们带来的风险与核心系统漏洞同样巨大。