GHSA-gx55-f84r-v3r7

Source
https://github.com/advisories/GHSA-gx55-f84r-v3r7
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/06/GHSA-gx55-f84r-v3r7/GHSA-gx55-f84r-v3r7.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-gx55-f84r-v3r7
Aliases
  • CVE-2026-50564
Published
2026-06-30T18:19:32Z
Modified
2026-06-30T18:30:08.066154588Z
Severity
  • 9.9 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
Fission Environment CRD podspec passthrough enables hostPID/hostNetwork/privileged pods, node escape
Details

Summary

Fission's Environment CRD exposes spec.runtime.podSpec and spec.builder.podSpec, which are merged into the Kubernetes pod specs for runtime and builder pods. The merge logic propagated hostNetwork, hostPID, hostIPC, container privileged, and serviceAccountName from the user-supplied podspec with no filtering, and Environment.Validate performed no security-relevant checks on these fields.

Details

A namespace user with create/update on environments.fission.io could produce privileged, host-network, hostPID pods in the Fission function or builder namespace. Because the Helm chart created the fission-function and fission-builder namespaces with no pod-security.kubernetes.io/enforce labels, Kubernetes Pod Security Admission did not catch the escape either.

From a host-network privileged pod with hostPID, the attacker could nsenter into the host, read cloud-metadata credentials, access the container-runtime socket, pivot to other namespaces, and fully compromise the node.

Impact

Create/update RBAC on environments.fission.io escalates to node compromise: host filesystem and network access on the scheduling node, and from there potential cluster-wide takeover.

Fix

Fixed in #3391 and released in v1.24.0. The fix is a denylist enforced at admission (the primary defence) plus belt-and-braces sanitisation at the merge layer.

Admission denylist (pkg/apis/core/v1/podspec_safety.go::ValidatePodSpecSafety), called from Environment.Validate for both Runtime.PodSpec and Builder.PodSpec:

  • pod-level: HostNetwork, HostPID, HostIPC, ServiceAccountName / DeprecatedServiceAccount override, hostPath volumes;
  • per-container: SecurityContext.Privileged=true, SecurityContext.AllowPrivilegeEscalation=true, dangerous capabilities (SYS_ADMIN, NET_ADMIN, SYS_PTRACE, SYS_MODULE, DAC_READ_SEARCH, DAC_OVERRIDE).

Update bypass closed: the Environment validating-webhook marker is extended from verbs=create to verbs=create;update, so updates to an existing Environment are validated as well as creates (chart and envtest manifests aligned).

Merge-layer belt-and-braces (pkg/executor/util/merge.go): even if admission is bypassed (failurePolicy=Ignore or stale pre-webhook objects), the denylisted pod-level fields are stripped and per-container dangerous settings are sanitized before the merge (with SecurityContext deep-copied first so cached informer objects are not mutated). Legitimate operator hardening via the chart's pod-level securityContext (fsGroup, runAsNonRoot, runAsUser) still flows through.
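The two layers described under Fix, as an added illustration rather than Fission's own code from #3391: the admission-time denylist that collects every violation for the webhook, and the merge-layer sanitiser that strips the same fields from a copy so a cached informer object is never mutated while operator hardening in the pod-level securityContext flows through. The function names follow the advisory; the minimal stand-in struct types, the error wording and the tolerance of a CAP_ prefix on capability names are assumptions.

```go
package main

import (
	"fmt"
	"strings"
)

// Minimal stand-in for the PodSpec fields the advisory names (assumption: the real code validates a corev1.PodSpec).
type SecurityContext struct {
	Privileged, AllowPrivilegeEscalation *bool
	Capabilities                         []string // capabilities.add, e.g. "SYS_ADMIN"
}
type PodSecurityContext struct{ RunAsNonRoot *bool } // operator hardening that must flow through
type Volume struct{ Name string; HostPath *string }  // non-nil HostPath means a hostPath volume
type Container struct{ Name string; SecurityContext *SecurityContext }
type PodSpec struct {
	HostNetwork, HostPID, HostIPC bool
	ServiceAccountName            string
	SecurityContext               *PodSecurityContext
	Volumes                       []Volume
	Containers                    []Container
}

// Capabilities the advisory lists as denied; a CAP_ prefix is tolerated (assumption).
var dangerousCaps = map[string]bool{"SYS_ADMIN": true, "NET_ADMIN": true, "SYS_PTRACE": true,
	"SYS_MODULE": true, "DAC_READ_SEARCH": true, "DAC_OVERRIDE": true}

func isDangerousCap(name string) bool {
	return dangerousCaps[strings.TrimPrefix(strings.ToUpper(name), "CAP_")]
}
func isTrue(b *bool) bool { return b != nil && *b }

// ValidatePodSpecSafety is the admission-time denylist. It collects every violation so the webhook
// can reject the Environment with one complete message; an empty result means accept.
func ValidatePodSpecSafety(field string, spec *PodSpec) []string {
	if spec == nil {
		return nil
	}
	var errs []string
	denyIf := func(cond bool, path string) {
		if cond {
			errs = append(errs, field+"."+path+" is not allowed in an Environment")
		}
	}
	denyIf(spec.HostNetwork, "hostNetwork")
	denyIf(spec.HostPID, "hostPID")
	denyIf(spec.HostIPC, "hostIPC")
	denyIf(spec.ServiceAccountName != "", "serviceAccountName")
	for i, v := range spec.Volumes {
		denyIf(v.HostPath != nil, fmt.Sprintf("volumes[%d].hostPath", i))
	}
	for i, c := range spec.Containers {
		if sc := c.SecurityContext; sc != nil {
			p := fmt.Sprintf("containers[%d].securityContext", i)
			denyIf(isTrue(sc.Privileged), p+".privileged")
			denyIf(isTrue(sc.AllowPrivilegeEscalation), p+".allowPrivilegeEscalation")
			for _, name := range sc.Capabilities {
				denyIf(isDangerousCap(name), p+".capabilities.add["+name+"]")
			}
		}
	}
	return errs
}

// SanitizePodSpec is the merge-layer belt-and-braces for when admission was bypassed: it returns a copy
// with denylisted fields stripped. Pointers and slices are replaced, never written through, so the
// input (a cached informer object in the real code) is not mutated; the pod-level SecurityContext is kept.
func SanitizePodSpec(spec *PodSpec) *PodSpec {
	if spec == nil {
		return nil
	}
	out := *spec
	out.HostNetwork, out.HostPID, out.HostIPC, out.ServiceAccountName = false, false, false, ""
	out.Volumes, out.Containers = nil, nil
	for _, v := range spec.Volumes {
		if v.HostPath == nil {
			out.Volumes = append(out.Volumes, v)
		}
	}
	for _, c := range spec.Containers {
		if c.SecurityContext != nil {
			sc := *c.SecurityContext // fresh copy; only the copy is edited below
			for _, flag := range []**bool{&sc.Privileged, &sc.AllowPrivilegeEscalation} {
				if isTrue(*flag) {
					*flag = new(bool) // pointer to false, replacing the shared pointer to true
				}
			}
			sc.Capabilities = nil
			for _, name := range c.SecurityContext.Capabilities {
				if !isDangerousCap(name) {
					sc.Capabilities = append(sc.Capabilities, name)
				}
			}
			c.SecurityContext = &sc
		}
		out.Containers = append(out.Containers, c)
	}
	return &out
}
```

Environment.Validate would call ValidatePodSpecSafety once with "spec.runtime.podSpec" and once with "spec.builder.podSpec" and reject on any non-empty result; the merge path calls SanitizePodSpec on the Environment's podSpec before merging it into the pod template, so a spec that slipped past a webhook with failurePolicy=Ignore still loses hostNetwork, hostPID, hostIPC, the service-account override, hostPath volumes, privileged, allowPrivilegeEscalation and the listed capabilities, while a runAsNonRoot set by the operator survives.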

Behavioural change

Environments that explicitly set any denylisted field are now rejected at admission. There is no legitimate Fission use case — these primitives exist for cluster operators, not Environment authors.

This is the same root cause and fix as GHSA-wmgg-3p4h-48x7.

Database specific
{
    "nvd_published_at": "2026-06-10T18:17:12Z",
    "severity": "CRITICAL",
    "cwe_ids": [
        "CWE-269",
        "CWE-284",
        "CWE-693"
    ],
    "github_reviewed_at": "2026-06-30T18:19:32Z",
    "github_reviewed": true
}
References

Affected packages

Go / github.com/fission/fission

Package

Name
github.com/fission/fission
Purl
pkg:golang/github.com/fission/fission

Affected ranges

Type
SEMVER
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
1.24.0

Database specific

source
"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/06/GHSA-gx55-f84r-v3r7/GHSA-gx55-f84r-v3r7.json"
last_known_affected_version_range
"<= 1.23.0"