CVE-2026-44543: Local Path Provisioner: HelperPod Template Injection
Local Path Provisioner lets Kubernetes users consume the local storage of each node. Prior to 0.0.36, a malicious user with permission to edit the local-path-config ConfigMap in the local-path-storage namespace can manipulate the helperPod.yaml template used by rancher/local-path-provisioner. The provisioner loads this template and uses it to create HelperPods during PVC provisioning and cleanup operations, but it does not sufficiently validate the template before use: security-sensitive fields such as securityContext.privileged, hostPath volumes, and Linux capabilities can be injected into it. When a PVC operation triggers HelperPod creation, the provisioner creates the HelperPod from the attacker-controlled template, which can result in a privileged pod running on the target node with the host root filesystem mounted. This may allow the attacker to access sensitive host files, read ServiceAccount tokens from other pods on the same node, access other tenants' local-path volume data, or modify files on the host node. This vulnerability is fixed in 0.0.36.
HarborGuard Analysis
Synopsis
This is a template-injection vulnerability in Rancher Local Path Provisioner, a Kubernetes component that manages local-storage PersistentVolumeClaims. An attacker with admin-level access to the local-path-config ConfigMap in the local-path-storage namespace can inject arbitrary pod security fields into the helperPod.yaml template, causing the provisioner to spawn a privileged HelperPod with the host root filesystem mounted during PVC operations. Successful exploitation gives the attacker read and write access to sensitive host files, ServiceAccount tokens from co-located pods, and other tenants' volume data. No fix version has been published yet; HarborGuard is tracking the upstream advisory and will surface a patched-image rebuild the moment a fix is released.
HarborGuard Coverage
- Available: Detection for CVE-2026-44543 is available across every HarborGuard environment: the CVE is ingested from upstream feeds within minutes of publication and matched against customer images in registries and active CI/CD pipelines, including custom-built images that bundle local-path-provisioner binaries.
- Available: HarborGuard is capable of scoring this finding at CVSS 8.7 HIGH and weighting it against each environment's compliance policy to reflect the scoped blast radius of a Kubernetes storage-namespace compromise; matched findings are routed to the team or inbox configured in each customer's org settings.
- Pending upstream: Because no upstream fix version has been published, HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment version 0.0.36 or a later fix is released; for customers with auto-remediation enabled, a rebuild, regression run, and PR against affected workloads will follow without manual intervention.
Exploit Conditions
- Network reachability: Required
The provisioner's Kubernetes API endpoint must be reachable over the network; an attacker edits the ConfigMap via standard Kubernetes API calls from any networked client.
- Authentication: Required
The attacker must hold a Kubernetes account or token with write permission on the local-path-config ConfigMap in the local-path-storage namespace, making an admin or equivalently privileged credential a prerequisite.
- Victim interaction: Not required
No human interaction is needed; exploitation completes when the provisioner next creates a HelperPod in response to a PVC provisioning or cleanup operation.
- Attack complexity
The exploit is reliable and condition-free once the ConfigMap write permission is held; no race conditions or special environmental factors are required.
Blast Radius
- Reads sensitive host files, including /etc/shadow, SSH keys, and kubelet credentials, by mounting the node's root filesystem into the injected privileged pod.
- Reads ServiceAccount tokens from other pods co-located on the same node, enabling lateral movement to any Kubernetes workload whose identity is bound to a powerful RBAC role.
- Reads other tenants' local-path volume data stored on the same node, breaking storage isolation between namespaces.
- Writes to or modifies files on the host node filesystem, including binary paths and systemd units, enabling persistent compromise of the underlying node.
How HarborGuard Handles This
Available on HarborGuard: this CVE is tracked continuously because no upstream fix has been published. On every ingest cycle, HarborGuard re-checks the advisory against the rancher/local-path-provisioner release feed; the moment version 0.0.36 or a confirmed patched release appears, a rebuilt image becomes available and, for customers with auto-remediation enabled, a regression run and a PR against affected workloads are opened automatically. In the interim, compensating controls worth evaluating include tightening RBAC so that only the provisioner's own service account can edit the local-path-config ConfigMap, applying a Kubernetes NetworkPolicy to restrict egress from the local-path-storage namespace, and auditing any existing ConfigMap contents for unauthorized helperPod.yaml modifications. Where compliance policy permits, flagged images can be pinned or quarantined in HarborGuard's policy engine until a clean rebuild is confirmed.
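As an added example of the two compensating controls above (auditing the ConfigMap's template and catching unauthorized ConfigMap edits), the following Python is not HarborGuard's or the project's own code: it walks a helperPod.yaml template that has been rendered to JSON (for instance via kubectl and a YAML-to-JSON tool) for the fields the advisory names, and scans apiserver audit events for writes to local-path-config by any identity outside an allow-list. The service-account name, the tampered template and the audit events are constructed for illustration.

```python
import json

WRITE_VERBS = {"create", "update", "patch", "delete"}

def risky_fields(pod):
    """Return (path, value) pairs for the injectable fields the advisory names:
    privileged containers, hostPath volumes and added Linux capabilities."""
    findings = []
    spec = pod.get("spec", {})
    for i, vol in enumerate(spec.get("volumes") or []):
        if "hostPath" in vol:
            findings.append((f"spec.volumes[{i}].hostPath", vol["hostPath"].get("path")))
    for kind in ("containers", "initContainers"):
        for i, c in enumerate(spec.get(kind) or []):
            sc = c.get("securityContext") or {}
            if sc.get("privileged"):
                findings.append((f"spec.{kind}[{i}].securityContext.privileged", True))
            for cap in (sc.get("capabilities") or {}).get("add") or []:
                findings.append((f"spec.{kind}[{i}].securityContext.capabilities.add", cap))
    return findings

def unauthorized_configmap_writes(audit_lines, allowed_users):
    """Scan apiserver audit events (JSON lines) for writes to the local-path-config
    ConfigMap in local-path-storage by any identity not in allowed_users."""
    hits = []
    for line in audit_lines.splitlines():
        ev = json.loads(line)
        ref = ev.get("objectRef", {})
        user = ev.get("user", {}).get("username")
        if (ref.get("resource") == "configmaps" and ref.get("namespace") == "local-path-storage"
                and ref.get("name") == "local-path-config" and ev.get("verb") in WRITE_VERBS
                and user not in allowed_users):
            hits.append((ev["verb"], user))
    return hits

# Constructed sample: a tampered helperPod.yaml template already rendered to JSON.
TAMPERED_POD = {"apiVersion": "v1", "kind": "Pod", "metadata": {"name": "helper-pod"},
                "spec": {"containers": [{"name": "helper-pod", "image": "busybox",
                                         "securityContext": {"privileged": True,
                                                             "capabilities": {"add": ["SYS_ADMIN"]}}}],
                         "volumes": [{"name": "host", "hostPath": {"path": "/"}}]}}
# Constructed audit events (not from a real cluster); the service-account name is assumed.
PROVISIONER_SA = "system:serviceaccount:local-path-storage:local-path-provisioner-service-account"
def _event(verb, user, namespace, name):  # builds one constructed audit event line
    return json.dumps({"verb": verb, "user": {"username": user}, "objectRef":
                       {"resource": "configmaps", "namespace": namespace, "name": name}})
AUDIT_LINES = "\n".join([_event("get", PROVISIONER_SA, "local-path-storage", "local-path-config"),
                         _event("patch", "alice", "local-path-storage", "local-path-config"),
                         _event("update", "alice", "default", "app-config")])
```

Any hit from `risky_fields` should be compared against the known-good template that was deployed; any hit from `unauthorized_configmap_writes` is a ConfigMap edit made outside the identities you expect to manage it.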
Metrics
- CVSS v3.1: 8.7
- Severity: HIGH
- Fixed in: —
- Affected Products: 1
  - rancher / local-path-provisioner < 0.0.36
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N