vulnerability

Debian: CVE-2024-7598: kubernetes -- security update

Try Surface Command

Back to search

Severity

CVSS

(AV:A/AC:M/Au:N/C:P/I:N/A:N)

Published

Mar 20, 2025

Added

Mar 24, 2025

Modified

Mar 30, 2026

Description

A security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion. The order in which objects are deleted during namespace termination is not defined, and it is possible for network policies to be deleted before the pods that they protect. This can lead to a brief period in which the pods are running, but network policies that should apply to connections to and from the pods are not enforced.

Solution

debian-upgrade-kubernetes

References

CVE-2024-7598
https://attackerkb.com/topics/CVE-2024-7598
CWE-362
EUVD-EUVD-2025-7150
https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-7150

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report