mirror of
https://github.com/siderolabs/talos.git
synced 2025-10-09 22:51:12 +02:00
Talos worker nodes use the `trustd` API on control plane nodes to issue certificates for the `apid` service. Access to the API is protected with the Talos join token specified in the machine configuration. There was no validation of what kind of request was being made, so `trustd` could issue a certificate which is valid for client authentication with any set of Talos API RBAC roles, including the `os:admin` role, allowing full access to the Talos API on control plane nodes.

See: GHSA-7hgc-php5-77qq
CVE: CVE-2022-36103
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
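The flaw the commit message describes, as an added illustration written for this page (not code from the Talos repository or from `trustd`): a throwaway CA in Go that signs worker CSRs in two ways. `signUnchecked` copies whatever subject the CSR carries into a certificate that is also valid for client authentication, so a worker holding only the join token can ask for a role it should never receive. `signValidated` treats the join-token channel as entitling a worker to a server certificate only: it rejects any CSR that requests roles and strips the issued certificate down to server authentication. The example assumes, as its own convention, that RBAC roles such as `os:admin` are carried in the certificate subject's Organization field; the CA, key generation, and function names (`newCA`, `makeCSR`, `issue`, `roles`, `hasClientAuth`) are invented for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

type ca struct {
	cert *x509.Certificate
	key  *ecdsa.PrivateKey
}

// newCA builds a throwaway self-signed CA standing in for the control plane CA (example only).
func newCA() (*ca, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "example-ca"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, err
	}
	return &ca{cert: cert, key: key}, nil
}

// makeCSR builds a DER CSR as a worker would; orgs lets a malicious worker request
// roles (assumed here to live in Subject.Organization) it is not entitled to.
func makeCSR(cn string, orgs []string) ([]byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.CertificateRequest{Subject: pkix.Name{CommonName: cn, Organization: orgs}, DNSNames: []string{cn}}
	return x509.CreateCertificateRequest(rand.Reader, tmpl, key)
}

// issue signs a certificate for the CSR's public key with the given subject and extended key usages.
func (c *ca) issue(csr *x509.CertificateRequest, subject pkix.Name, eku []x509.ExtKeyUsage) (*x509.Certificate, error) {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: subject, DNSNames: csr.DNSNames,
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: eku,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, c.cert, csr.PublicKey, c.key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

func parseCSR(csrDER []byte) (*x509.CertificateRequest, error) {
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil {
		return nil, err
	}
	return csr, csr.CheckSignature() // proof of possession of the key, nothing more
}

// signUnchecked mirrors the flawed behaviour: the requested subject (roles included) is copied
// into a certificate that is also valid for client authentication.
func signUnchecked(c *ca, csrDER []byte) (*x509.Certificate, error) {
	csr, err := parseCSR(csrDER)
	if err != nil {
		return nil, err
	}
	return c.issue(csr, csr.Subject, []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth})
}

// signValidated is the hardened counterpart: a worker may only obtain a server certificate,
// so role-bearing CSRs are refused and the subject is reduced to the common name.
func signValidated(c *ca, csrDER []byte) (*x509.Certificate, error) {
	csr, err := parseCSR(csrDER)
	if err != nil {
		return nil, err
	}
	if len(csr.Subject.Organization) != 0 {
		return nil, errors.New("CSR requests roles; worker certificate requests may not carry roles")
	}
	return c.issue(csr, pkix.Name{CommonName: csr.Subject.CommonName}, []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth})
}

// roles reports the roles a certificate would grant under the Organization convention assumed here.
func roles(cert *x509.Certificate) []string { return cert.Subject.Organization }

// hasClientAuth reports whether the certificate can be presented for client authentication.
func hasClientAuth(cert *x509.Certificate) bool {
	for _, u := range cert.ExtKeyUsage {
		if u == x509.ExtKeyUsageClientAuth {
			return true
		}
	}
	return false
}

func main() {
	c, _ := newCA()
	csrDER, _ := makeCSR("worker-1", []string{"os:admin"}) // constructed malicious request
	bad, _ := signUnchecked(c, csrDER)
	fmt.Println("unchecked: roles", roles(bad), "client auth", hasClientAuth(bad))
	_, err := signValidated(c, csrDER)
	fmt.Println("validated:", err)
}
```

The check that matters is on the server side: a CSR is only proof that the requester holds a key, and the join token only proves the requester may join as a worker, so everything else in the request (subject fields, key usages) must be decided by the issuer rather than copied from the caller.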