Fission (Kubernetes-native serverless framework), Cross-namespace Environment Reference, CVE-2026-49824 (High) -DC-Jun2026-754

How CVE-2026-49824 Works

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a critical vulnerability existed in the Fission Function admission webhook (pkg/webhook/function.go).
The root cause is an incomplete validation check. The webhook correctly validated that `spec.secrets[].namespace` and `spec.configmaps[].namespace` equaled the function’s own namespace. However, it performed no equivalent check on `spec.environment.namespace`. This oversight allowed an attacker to exploit the trust boundary between namespaces.
An attacker with permission to create Functions in their own namespace (i.e., having the `functions.fission.io/create` permission) could set `spec.environment.namespace` to any other tenant’s namespace. When the function was scheduled, components like `poolmgr` and `newdeploy` would look up and use the victim’s Environment CRD. Consequently, the attacker’s function code would execute inside the victim’s container image.

This vulnerability enables several attack scenarios:

  • Code and Credential Theft: The victim’s runtime image may contain hardcoded secrets.
  • Confused-Deputy Attacks: The victim’s runtime image could be a privileged sidecar.

The issue was fixed in pull request 3389 and released in version 1.24.0. The fix includes:

  • Admission Webhook Enhancement: The webhook (`pkg/webhook/function.go::Validate`) now rejects `Function.spec.environment.namespace != metadata.namespace`. An empty namespace remains accepted, as the CLI defaults it to the function’s namespace.
  • Controller Belt-and-Braces: The same check is performed before the cross-namespace `Environments(…).Get` in `poolmgr getFunctionEnv` and `newdeploy fnCreate/RefreshFuncPods`. This covers webhook-bypass clusters (where `failurePolicy=Ignore`) and handles stale Function objects from upgrade-before-restart windows.
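
The rule described for the fix, applied to Function objects already stored in a cluster (the stale-object case mentioned above), as an added example that is not Fission's own code. The struct covers only the fields the check reads, and the sample list with its team-a/team-b names is constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// function holds only the fields the check reads from a Function object.
type function struct {
	Metadata struct{ Name, Namespace string }
	Spec     struct{ Environment struct{ Name, Namespace string } }
}

// crossNamespaceEnv applies the rule described for the fix: an empty environment
// namespace is accepted, any other value must equal the function's namespace.
func crossNamespaceEnv(f function) bool {
	ns := f.Spec.Environment.Namespace
	return ns != "" && ns != f.Metadata.Namespace
}

// findCrossNamespace parses a Function list in the JSON shape printed by
// `kubectl get functions.fission.io -A -o json` and returns the offenders.
func findCrossNamespace(listJSON []byte) ([]string, error) {
	var list struct{ Items []function }
	if err := json.Unmarshal(listJSON, &list); err != nil {
		return nil, err
	}
	var hits []string
	for _, f := range list.Items {
		if crossNamespaceEnv(f) {
			hits = append(hits, fmt.Sprintf("%s/%s -> %s/%s", f.Metadata.Namespace,
				f.Metadata.Name, f.Spec.Environment.Namespace, f.Spec.Environment.Name))
		}
	}
	return hits, nil
}

// sampleList is constructed for this example; it is not real cluster output.
const sampleList = `{"items":[
 {"metadata":{"name":"ok-fn","namespace":"team-a"},"spec":{"environment":{"name":"node","namespace":"team-a"}}},
 {"metadata":{"name":"default-fn","namespace":"team-a"},"spec":{"environment":{"name":"node"}}},
 {"metadata":{"name":"stale-fn","namespace":"team-b"},"spec":{"environment":{"name":"python","namespace":"team-a"}}}]}`

func main() {
	hits, err := findCrossNamespace([]byte(sampleList))
	fmt.Println(hits, err)
}
```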

DailyCVE Form:

Platform: Fission
Version: < 1.24.0
Vulnerability: Cross-namespace Environment Reference
Severity: High (CVSS 8.5)
Date: 2026-06-10

Prediction: 2026-06-10 (Patched in v1.24.0)

What Undercode Say:

To verify if a cluster is vulnerable, one can check the Fission version and audit the webhook configuration. The following `kubectl` commands can be used to inspect the relevant resources:

```bash
# Check the Fission version
kubectl get deployments -n fission fission-controller -o jsonpath='{.spec.template.spec.containers[0].image}'
# Check the webhook configuration for failurePolicy
kubectl get validatingwebhookconfigurations admission-webhook -o yaml | grep -A 5 failurePolicy
```

Exploit:

An attacker with `functions.fission.io/create` permissions in their own namespace (e.g., ns-attacker) could create a Function that references an Environment in a victim’s namespace (e.g., ns-victim). A simplified example of a malicious `Function` object is shown below:

```yaml
apiVersion: fission.io/v1
kind: Function
metadata:
  name: malicious-function
  namespace: ns-attacker
spec:
  environment:
    name: victim-env
    namespace: ns-victim
  code: |
    Malicious code to steal secrets or perform other attacks
```

Protection:

To protect against CVE-2026-49824, it is strongly recommended to upgrade Fission to version 1.24.0 or later. This version includes the necessary validation in the admission webhook and additional controller-side checks. If an immediate upgrade is not possible, consider the following mitigations:
– Restrict Permissions: Limit the `functions.fission.io/create` permission to only trusted users or service accounts.
– Network Policies: Implement Kubernetes Network Policies to restrict pod-to-pod communication, limiting the blast radius of a potential exploit.
– Monitor for Anomalies: Monitor audit logs for `Function` creations that specify an `environment.namespace` different from the metadata.namespace.
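
One way to implement the audit-log monitoring suggested above, as an added example that is not part of the original post or of Fission. It assumes JSON-lines Kubernetes audit output recorded at level Request or higher for `fission.io` functions (otherwise `requestObject` is absent); the sample events are constructed.

```go
package main

import (
	"bufio"
	"encoding/json"
	"fmt"
	"strings"
)

// auditEvent holds the audit.k8s.io/v1 Event fields this check reads.
type auditEvent struct {
	Stage, Verb    string
	User           struct{ Username string }
	ObjectRef      struct{ APIGroup, Resource, Namespace string }
	ResponseStatus struct{ Code int }
	RequestObject  *struct { // present only at audit level Request or above
		Metadata struct{ Name string }
		Spec     struct{ Environment struct{ Namespace string } }
	}
}

// flagAuditLog scans JSON-lines audit output and returns one alert per create or
// update of a Function whose requested environment namespace is set and differs
// from the namespace the object lives in. Unparseable lines are skipped.
func flagAuditLog(log string) []string {
	var alerts []string
	sc := bufio.NewScanner(strings.NewReader(log))
	sc.Buffer(make([]byte, 0, 64*1024), 4<<20) // audit lines can be large
	for sc.Scan() {
		var ev auditEvent
		if json.Unmarshal(sc.Bytes(), &ev) != nil || ev.RequestObject == nil ||
			ev.Stage != "ResponseComplete" || (ev.Verb != "create" && ev.Verb != "update") ||
			ev.ObjectRef.APIGroup != "fission.io" || ev.ObjectRef.Resource != "functions" {
			continue
		}
		envNS, fnNS := ev.RequestObject.Spec.Environment.Namespace, ev.ObjectRef.Namespace
		if envNS != "" && envNS != fnNS {
			alerts = append(alerts, fmt.Sprintf("%s %s function %s/%s env-namespace=%s status=%d",
				ev.User.Username, ev.Verb, fnNS, ev.RequestObject.Metadata.Name, envNS, ev.ResponseStatus.Code))
		}
	}
	return alerts
}

// sampleLog is constructed for this example; it is not real audit output.
const sampleLog = `{"stage":"ResponseComplete","verb":"create","user":{"username":"dev@team-b"},"objectRef":{"apiGroup":"fission.io","resource":"functions","namespace":"team-b"},"responseStatus":{"code":201},"requestObject":{"metadata":{"name":"fn1"},"spec":{"environment":{"name":"python","namespace":"team-a"}}}}
{"stage":"ResponseComplete","verb":"create","user":{"username":"dev@team-a"},"objectRef":{"apiGroup":"fission.io","resource":"functions","namespace":"team-a"},"responseStatus":{"code":201},"requestObject":{"metadata":{"name":"fn2"},"spec":{"environment":{"name":"python","namespace":"team-a"}}}}
{"stage":"RequestReceived","verb":"create","user":{"username":"dev@team-b"},"objectRef":{"apiGroup":"fission.io","resource":"functions","namespace":"team-b"},"requestObject":{"metadata":{"name":"fn1"},"spec":{"environment":{"name":"python","namespace":"team-a"}}}}`

func main() { fmt.Println(strings.Join(flagAuditLog(sampleLog), "\n")) }
```

The status code in each alert separates requests the API server accepted from ones it refused.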

Impact:

A successful exploit of this vulnerability allows a low-privileged attacker to break the namespace trust boundary. The impact is severe:
– Code Execution: The attacker’s function code runs inside the victim’s container image.
– Credential Theft: Hardcoded secrets within the victim’s runtime image can be stolen.
– Confused Deputy: The attacker can abuse the victim’s runtime image, which might be a privileged sidecar, to perform actions with escalated privileges.
– Lateral Movement: This vulnerability can be a stepping stone for further attacks within the cluster, potentially leading to a cluster-wide compromise.

Sources:

Reported By: github.com