CVE-2021-20291 was discovered earlier this month by Aviv Sasson. This effort was part of a security audit surveying multiple Go libraries that Kubernetes relies on to function. This vulnerability lies with the container/storage library leading to a Denial of Service (DoS) of engines CRI-O and Podman. Threat actors may compromise any containerized infrastructure relying on these engines. Listed below are the functions affected by this issue.
|Fails to pull new images||Fails to pull new images|
|Fails to start any new containers||Fails to retrieve running pods|
|Fails to retrieve local image list||Fails to start new containers|
|Fails to kill containers||Fails to exec into containers|
|Fails to retrieve existing images|
|Fails to kill existing containers|