CVE-2025-24376

kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. By design, AdmissionPolicy and AdmissionPolicyGroup can evaluate only namespaced resources. The resources to be evaluated are determined by the rules provided by the user when defining the policy. There might be Kubernetes namespaced resources that should not be validated by AdmissionPolicy and by the AdmissionPolicyGroup policies because of their sensitive nature. For example, PolicyReport are namespaced resources that contain the list of non compliant objects found inside of a namespace. An attacker can use either an AdmissionPolicy or an AdmissionPolicyGroup to prevent the creation and update of PolicyReport objects to hide non-compliant resources. Moreover, the same attacker might use a mutating AdmissionPolicy to alter the contents of the PolicyReport created inside of the namespace. Starting from the 1.21.0 release, the validation rules applied to AdmissionPolicy and AdmissionPolicyGroup have been tightened to prevent them from validating sensitive types of namespaced resources.

kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. By design, AdmissionPolicy and AdmissionPolicyGroup can evaluate only namespaced resources. The resources to be evaluated are determined by the rules provided by the user when defining the policy. There might be Kubernetes namespaced resources that should not be validated by AdmissionPolicy and by the AdmissionPolicyGroup policies because of their sensitive nature. For example, PolicyReport are namespaced resources that contain the list of non compliant objects found inside of a namespace. An attacker can use either an AdmissionPolicy or an AdmissionPolicyGroup to prevent the creation and update of PolicyReport objects to hide non-compliant resources. Moreover, the same attacker might use a mutating AdmissionPolicy to alter the contents of the PolicyReport created inside of the namespace. Starting from the 1.21.0 release, the validation rules applied to AdmissionPolicy and AdmissionPolicyGroup have been tightened to prevent them from validating sensitive types of namespaced resources.

KubeWarden's AdmissionPolicy and AdmissionPolicyGroup policies can be used to alter PolicyReport resources in github.com/kubewarden/kubewarden-controller

### Impact By design, AdmissionPolicy and AdmissionPolicyGroup can evaluate only namespaced resources. The resources to be evaluated are determined by the rules provided by the user when defining the policy. There might be Kubernetes namespaced resources that should not be validated by AdmissionPolicy and by the AdmissionPolicyGroup policies because of their sensitive nature. For example, PolicyReport are namespaced resources that contain the list of non compliant objects found inside of a namespace. See [this section](https://docs.kubewarden.io/explanations/audit-scanner/policy-reports) of Kubewarden’s documentation for more details about PolicyReport resources. An attacker can use either an AdmissionPolicy or an AdmissionPolicyGroup to prevent the creation and update of PolicyReport objects to hide non-compliant resources. Moreover, the same attacker might use a mutating AdmissionPolicy to alter the contents of the PolicyReport created inside of the namespace. ### Patches Starting from the 1.21.0 release, the validation rules applied to AdmissionPolicy and AdmissionPolicyGroup have been tightened to prevent them from validating sensitive types of namespaced resources. The new validation will also restrict the usage of wildcards when defining apiGroups and resources rules for AdmissionPolicy and AdmissionPolicyGroup objects. ### Workarounds On clusters running Kubewarden < 1.21.0, the following Kubewarden policy can be applied to prevent the creation of AdmissionPolicy and AdmissionPolicyGroup resources that interact with PolicyReport resources: ```yaml apiVersion: policies.kubewarden.io/v1 kind: ClusterAdmissionPolicy metadata: name: "deny-interaction-with-policyreport" spec: module: registry://ghcr.io/kubewarden/policies/cel-policy:latest settings: variables: - name: hasWildcardInsideOfApiGroup expression: "object.spec.rules.exists(r, r.apiGroups.exists(ag, ag == '*'))" - name: hasWildcardInsideOfResources expression: "object.spec.rules.exists(r, r.resources.exists(ag, ag == '*' || ag == '*/*' || ag == 'policyreports/*'))" - name: dealsWithPolicyReportApiGroup expression: "object.spec.rules.exists(r, r.apiGroups.exists(ag, ag == 'wgpolicyk8s.io'))" - name: dealsWithPolicyReportResource expression: "object.spec.rules.exists(r, r.resources.exists(ag, ag == 'policyreports' || ag == 'policyreports/'))" - name: isPendingDeletion expression: "has(object.metadata.deletionTimestamp)" validations: - expression: | !( variables.hasWildcardInsideOfApiGroup || variables.hasWildcardInsideOfResources || variables.dealsWithPolicyReportResource || variables.dealsWithPolicyReportApiGroup ) || variables.isPendingDeletion message: "cannot target PolicyReport resources or use wildcards in apiGroups or resources" rules: - apiGroups: ["policies.kubewarden.io"] apiVersions: ["v1"] operations: ["CREATE", "UPDATE"] resources: ["admissionpolicies", "admissionpolicygroups"] mutating: false backgroundAudit: true ``` ### For more information If you have any questions or comments about this advisory you can contact the Kubewarden team using the procedures described under the “[security disclosure](https://docs.kubewarden.io/disclosure)“ guidelines of the Kubewarden project.

kubewarden-controller es un controlador de Kubernetes que le permite registrar dinámicamente las políticas de admisión de Kubewarden. Por diseño, AdmissionPolicy y AdmissionPolicyGroup solo pueden evaluar recursos con espacios de nombres. Los recursos que se evaluarán están determinados por las reglas proporcionadas por el usuario al definir la política. Puede haber recursos con espacios de nombres de Kubernetes que no deberían ser validados por AdmissionPolicy y por las políticas AdmissionPolicyGroup debido a su naturaleza confidencial. Por ejemplo, PolicyReport son recursos con espacios de nombres que contienen la lista de objetos no compatibles que se encuentran dentro de un espacio de nombres. Un atacante puede usar AdmissionPolicy o AdmissionPolicyGroup para evitar la creación y actualización de objetos PolicyReport para ocultar recursos no compatibles. Además, el mismo atacante podría usar una AdmissionPolicy mutada para alterar el contenido del PolicyReport creado dentro del espacio de nombres. A partir de la versión 1.21.0, se han endurecido las reglas de validación aplicadas a AdmissionPolicy y AdmissionPolicyGroup para evitar que validen tipos confidenciales de recursos con espacios de nombres.