CVE-2023-37264 in Pipeline
Summary
by MITRE • 07/07/2023
Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.35.0, pipelines do not validate child UIDs, which means that a user that has access to create TaskRuns can create their own Tasks that the Pipelines controller will accept as the child Task. While the software stores and validates the PipelineRun's (api version, kind, name, uid) in the child Run's OwnerReference, it only stores (api version, kind, name) in the ChildStatusReference. This means that if a client had access to create TaskRuns on a cluster, they could create a child TaskRun for a pipeline with the same name + owner reference, and the Pipeline controller picks it up as if it was the original TaskRun. This is problematic since it can let users modify the config of Pipelines at runtime, which violates SLSA L2 Service Generated / Non-falsifiable requirements. This issue can be used to trick the Pipeline controller into associating unrelated Runs to the Pipeline, feeding its data through the rest of the Pipeline. This requires access to create TaskRuns, so impact may vary depending on one's Tekton setup. If users already have unrestricted access to create any Task/PipelineRun, this does not grant any additional capabilities. As of time of publication, there are no known patches for this issue.
Analysis
by VulDB Data Team • 07/25/2023
The vulnerability identified as CVE-2023-37264 affects the Tekton Pipelines project, a Kubernetes-native CI/CD framework that declares pipelines with k8s-style resources. The issue is present from version 0.35.0 onward, where the pipeline controller's validation of child resource references is incomplete: the controller does not validate owner references consistently across the different kinds of resource relationships that exist during a pipeline execution.
The flaw is an inconsistency in which identifiers are validated between the two reference types Tekton uses. The controller stores and validates the full owner reference (api version, kind, name, and uid) of the PipelineRun in the child Run's OwnerReference, but the ChildStatusReference records only api version, kind, and name, with no uid. Because the child's UID is never recorded or compared, an actor with TaskRun creation privileges can create a TaskRun that matches the expected name and owner reference but carries a different UID than the original, and the controller accepts it as the child it created.
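The reference-validation gap described above, as an added Go example that is not Tekton's own code: simplified stand-in types, a lookup that matches only the recorded name plus the owner reference (the checks the advisory says exist), and a hypothetical hardened lookup that also compares the child UID the controller recorded when it created the TaskRun. The type names, field names and sample objects are assumptions constructed for this illustration, not Tekton's.

```go
package main
import "errors"

// Minimal stand-ins for the Kubernetes/Tekton objects involved (illustrative, not Tekton's own types).
type OwnerReference struct{ APIVersion, Kind, Name, UID string }
type TaskRun struct {
	Name, UID       string
	OwnerReferences []OwnerReference
}
// ChildStatusReference as the advisory describes it: apiVersion, kind and name only, no child UID.
type ChildStatusReference struct{ APIVersion, Kind, Name string }
var ErrChildMismatch = errors.New("live TaskRun does not match the recorded child reference")
// ownedBy is the parent-side check the advisory says already exists: an OwnerReference naming the PipelineRun, UID included.
func ownedBy(tr *TaskRun, parent OwnerReference) bool {
	for _, o := range tr.OwnerReferences {
		if o.Kind == parent.Kind && o.Name == parent.Name && o.UID == parent.UID {
			return true
		}
	}
	return false
}

// resolveChild mirrors the weak lookup: name from ChildStatusReference plus the owner check. The live
// object's own UID is never compared, so a same-named replacement TaskRun passes as the original child.
func resolveChild(ref ChildStatusReference, parent OwnerReference, live []TaskRun) (*TaskRun, error) {
	for i := range live {
		if live[i].Name == ref.Name && ownedBy(&live[i], parent) {
			return &live[i], nil
		}
	}
	return nil, ErrChildMismatch
}

// resolveChildStrict is a hardened lookup (hypothetical, not Tekton's patch): it also requires the UID
// the controller recorded when it created the child, so a re-created TaskRun is rejected.
func resolveChildStrict(ref ChildStatusReference, childUID string, parent OwnerReference, live []TaskRun) (*TaskRun, error) {
	tr, err := resolveChild(ref, parent, live)
	if err == nil && tr.UID != childUID {
		return nil, ErrChildMismatch
	}
	return tr, err
}

// Constructed scenario: the child the controller created (UID tr-uid-1) is gone; a same-named TaskRun with another UID is live.
var (
	parentRun = OwnerReference{"tekton.dev/v1", "PipelineRun", "build-run", "pr-uid-1"}
	childRef  = ChildStatusReference{"tekton.dev/v1", "TaskRun", "build-run-compile"}
	liveRuns  = []TaskRun{{Name: "build-run-compile", UID: "tr-uid-2", OwnerReferences: []OwnerReference{parentRun}}}
)
```

With the constructed scenario, resolveChild returns the replacement TaskRun while resolveChildStrict returns ErrChildMismatch; the strict variant still accepts the original child when it is present.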
The operational impact goes beyond simple privilege escalation: it compromises the integrity and traceability of pipeline executions. An attacker who can create TaskRuns can steer the pipeline controller by creating TaskRun resources that look legitimate to it, effectively modifying pipeline configuration at runtime, which directly violates the SLSA (Supply-chain Levels for Software Artifacts) Level 2 requirements that build data be service-generated and non-falsifiable. The result is a form of runtime injection: unrelated Runs become associated with the main pipeline execution and their data is fed through the rest of the pipeline, potentially causing data corruption, unauthorized execution paths, and complete compromise of pipeline integrity.
The weakness corresponds to CWE-284 (Improper Access Control) and is a significant concern for organizations that rely on Tekton for critical CI/CD operations. Because the attack requires no privilege beyond TaskRun creation, it is particularly dangerous in environments where multiple teams hold different levels of access. It can be used to make unauthorized pipeline modifications, inject steps into existing pipelines, or alter execution flow to reach unintended outcomes. Since no patch was available at the time of publication, organizations should apply defensive measures immediately: restrict TaskRun creation privileges, add validation layers for the child resources the controller associates with a PipelineRun, and monitor for pipeline execution patterns that could indicate exploitation attempts. The issue reflects an architectural weakness in how Tekton validates resources and preserves reference integrity, particularly in multi-tenant environments where privilege separation is what maintains the security boundaries.