CVE-2026-13434
Status: Received - Intake
KubeVirt Network Annotation Injection Vulnerability

Publication date: 2026-06-26

Last updated on: 2026-06-26

Assigner: Red Hat, Inc.

Description
A flaw was found in KubeVirt's network annotation generator. When a tenant creates a VirtualMachineInstance with a Multus network configuration, the supplied networkName value is written verbatim into the launcher pod's v1.multus-cni.io/default-network annotation without format validation or sanitization. The only admission check rejects empty strings; no DNS-1123 format validation, JSON detection, or special character rejection is performed. When the ExternalNetResourceInjection Beta feature gate is enabled (off by default, cluster-admin only), the NAD lookup that would otherwise catch malformed names is skipped by design. A tenant with kubevirt.io:edit permissions can inject a JSON-formatted NetworkSelectionElement array specifying an arbitrary namespace, NAD name, static IP address, and MAC address. Multus on the node parses this JSON and attaches the launcher pod to the specified network attachment in any namespace, enabling cross-namespace network access and IP/MAC impersonation on network segments normally segregated from tenant workloads. The ExternalNetResourceInjection feature gate was introduced in KubeVirt v1.8.0 (first shipped in OpenShift Virtualization 4.21).
Meta Information
Generated: 2026-06-26
AI Q&A: 2026-06-26
EPSS Evaluated: N/A
Affected Vendors & Products
Vendor      Product                   Version / Range
kubevirt    kubevirt                  From 1.8.0 (inclusive)
redhat      openshift_virtualization  From 4.21 (inclusive)
CWE
CWE-20 (Improper Input Validation): The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
AI Quick Actions
Executive Summary

CVE-2026-13434 is a security flaw in KubeVirt's network annotation generator that is reachable only when the ExternalNetResourceInjection feature gate is enabled (off by default). A tenant creating a VirtualMachineInstance with a Multus network configuration can supply a malformed networkName value that is written verbatim into the launcher pod's v1.multus-cni.io/default-network annotation without format validation or sanitization; the only admission check rejects empty strings.

Because there is no format validation, JSON detection, or special character rejection, a tenant with kubevirt.io:edit permissions can inject a JSON-formatted NetworkSelectionElement array. This allows specifying an arbitrary namespace, network attachment definition (NAD) name, static IP address, and MAC address.

As a result, Multus on the node parses this JSON and attaches the launcher pod to the specified network attachment in any namespace, enabling cross-namespace network access and IP/MAC impersonation on network segments that are normally segregated from tenant workloads.

Impact Analysis

This vulnerability allows a tenant with limited permissions (kubevirt.io:edit) to bypass the network segmentation controls of a Kubernetes cluster running KubeVirt.

An attacker can gain unauthorized cross-namespace network access, potentially accessing network resources and services that should be isolated.

Additionally, the attacker can impersonate other network entities by specifying arbitrary IP and MAC addresses, which can lead to service impersonation and further compromise of network security.

Detection Guidance

Start by checking whether the ExternalNetResourceInjection feature gate is enabled in the KubeVirt custom resource (spec.configuration.developerConfiguration.featureGates). It is off by default, and the flaw is not reachable while it is disabled.

Then inspect the v1.multus-cni.io/default-network annotation on every virt-launcher pod. A legitimate value is a plain network attachment definition name; a JSON-formatted NetworkSelectionElement array, in particular one naming a namespace other than the pod's own or requesting a static IP or MAC address, is the injected form.

Commands to help detect this might include:

  • kubectl get pods -n <namespace> -l kubevirt.io=virt-launcher -o jsonpath='{.items[*].metadata.annotations.v1\.multus-cni\.io/default-network}'
  • kubectl get pods -A -l kubevirt.io=virt-launcher -o json | jq -r '.items[] | select(.metadata.annotations["v1.multus-cni.io/default-network"] != null) | "\(.metadata.namespace)/\(.metadata.name): \(.metadata.annotations["v1.multus-cni.io/default-network"])"'
  • kubectl get vmi -A -o json | jq -r '.items[] | "\(.metadata.namespace)/\(.metadata.name): \([.spec.networks[]? | .multus.networkName // empty] | join(","))"'
  • Check the feature gate status with: kubectl get kubevirt -A -o yaml | grep -n ExternalNetResourceInjection

Look for any annotations containing JSON arrays or unexpected network attachment configurations that could indicate exploitation attempts.

Mitigation Strategies

The primary mitigation step is to ensure that the ExternalNetResourceInjection feature gate remains disabled, as it is off by default.

Review which subjects hold kubevirt.io:edit rights. On a cluster with the feature gate enabled, the ability to create a VirtualMachineInstance is the ability to select a network attachment in any namespace, so grant it only to trusted tenants.

Implement admission-time validation of networkName values in VirtualMachineInstance specifications: require a DNS-1123 formatted name and reject values that start with a JSON delimiter or contain characters outside that format.

Monitor and audit network annotations on launcher pods regularly to detect any unauthorized or suspicious network attachment injections.
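As an added example (not KubeVirt's or Multus's code, and not part of this advisory), the Python script below implements the annotation check described under Detection Guidance and the networkName validation suggested under Mitigation Strategies. It classifies each virt-launcher pod's v1.multus-cni.io/default-network value as either a JSON NetworkSelectionElement (flagged, then inspected for a namespace other than the pod's own and for static ips/mac requests) or a plain name, which it validates against the DNS-1123 subdomain format. The short-form grammar it accepts (name, namespace/name, optional @iface, comma-separated), the interface-name pattern and the sample pod records are assumptions made for this example; in practice feed it the items from `kubectl get pods -A -l kubevirt.io=virt-launcher -o json`.

```python
import json
import re

# Annotation that KubeVirt writes on the virt-launcher pod (named in the advisory).
DEFAULT_NETWORK_ANNOTATION = "v1.multus-cni.io/default-network"

# RFC 1123 subdomain: lowercase alphanumerics, '-' and '.', every label starting
# and ending with an alphanumeric character.
DNS1123_SUBDOMAIN = re.compile(
    r"^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"
)
# Conservative interface-name pattern (assumption for this example).
IFACE_NAME = re.compile(r"^[A-Za-z0-9_.-]{1,15}$")


def check_default_network(pod_namespace, value):
    """Return a list of findings for one annotation value; an empty list means it passes.

    Two shapes are handled:
      * a JSON NetworkSelectionElement array or object (the injected form the
        advisory describes): flagged outright, then inspected for references to
        other namespaces and for static ips/mac requests;
      * the plain short form 'name', 'namespace/name', optionally '@iface',
        comma-separated (assumption: the only legitimate shape considered here).
    """
    findings = []
    stripped = value.strip()
    if stripped.startswith(("[", "{")):
        findings.append("json-formatted value")
        try:
            elements = json.loads(stripped)
        except json.JSONDecodeError:
            findings.append("unparseable json")
            return findings
        if isinstance(elements, dict):
            elements = [elements]
        for element in elements:
            if not isinstance(element, dict):
                findings.append("non-object element")
                continue
            ns = element.get("namespace")
            if ns and ns != pod_namespace:
                findings.append(f"cross-namespace reference: {ns}")
            for key in ("ips", "mac"):
                if key in element:
                    findings.append(f"static {key} requested")
        return findings

    for item in stripped.split(","):
        ref, _, iface = item.strip().partition("@")
        ns, _, name = ref.rpartition("/")
        if ns and ns != pod_namespace:
            findings.append(f"cross-namespace reference: {ns}")
        for label in (ns, name):
            if label and not DNS1123_SUBDOMAIN.match(label):
                findings.append(f"invalid DNS-1123 name: {label}")
        if not name:
            findings.append("empty network name")
        if iface and not IFACE_NAME.match(iface):
            findings.append(f"invalid interface name: {iface}")
    return findings


def scan_pods(pods):
    """Map 'namespace/pod' -> findings for every pod whose annotation raises one."""
    results = {}
    for pod in pods:
        meta = pod.get("metadata", {})
        value = meta.get("annotations", {}).get(DEFAULT_NETWORK_ANNOTATION)
        if value is None:
            continue  # no default-network annotation on this pod
        findings = check_default_network(meta.get("namespace", ""), value)
        if findings:
            results[f"{meta.get('namespace')}/{meta.get('name')}"] = findings
    return results


# Constructed sample: a reduced version of what `kubectl get pods -A
# -l kubevirt.io=virt-launcher -o json` returns. All names and values are made up.
SAMPLE_PODS = [
    {"metadata": {"namespace": "tenant-a", "name": "virt-launcher-vm-a",
                  "annotations": {DEFAULT_NETWORK_ANNOTATION: "tenant-a/vlan100"}}},
    {"metadata": {"namespace": "tenant-b", "name": "virt-launcher-vm-b",
                  "annotations": {DEFAULT_NETWORK_ANNOTATION:
                      '[{"name":"mgmt-net","namespace":"infra","ips":["10.0.0.5/24"],"mac":"02:00:00:00:00:01"}]'}}},
    {"metadata": {"namespace": "tenant-c", "name": "virt-launcher-vm-c",
                  "annotations": {DEFAULT_NETWORK_ANNOTATION: "Bad_Name"}}},
    {"metadata": {"namespace": "tenant-d", "name": "virt-launcher-vm-d",
                  "annotations": {}}},
]

if __name__ == "__main__":
    for pod, findings in scan_pods(SAMPLE_PODS).items():
        print(pod, "->", "; ".join(findings))
```

The same check_default_network function is the shape of validator that belongs in admission for the VMI's spec.networks[].multus.networkName: a value that is not an empty finding list should be rejected before it ever reaches the launcher pod annotation.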

Compliance Impact

The vulnerability allows a tenant to inject arbitrary network configurations, enabling cross-namespace network access and IP/MAC impersonation. This can lead to unauthorized access to network segments and potential data exposure or manipulation.

Such unauthorized access and impersonation could impact compliance with standards and regulations like GDPR and HIPAA, which require strict controls on data access, network segmentation, and protection of sensitive information.

However, the vulnerability is only exploitable when the ExternalNetResourceInjection feature gate is enabled, which is off by default and requires cluster-admin permissions, potentially limiting the risk in typical deployments.
