New Kubernetes NFS CSI Vulnerability Enables Unauthorized Directory Deletion and Changes

A newly disclosed security flaw in the Kubernetes Container Storage Interface (CSI) Driver for Network File System (NFS) exposes storage servers to unauthorized directory modification and deletion.

Tracked as CVE-2026-3864 with a medium-severity CVSS v3.1 score of 6.5, this vulnerability was discovered by SentinelOne researcher Shaul Ben Hai.

The flaw impacts all versions of the driver prior to v4.13.1 and highlights the critical importance of input validation in cluster storage provisioning.

As Kubernetes continues to dominate enterprise container orchestration, securing its attached storage mechanisms remains a top priority for infrastructure teams.

NFS CSI Vulnerability

According to Kubernetes, the core of this vulnerability lies in how the Kubernetes CSI Driver for NFS processes the subDir parameter within volume identifiers.

In a secure configuration, this parameter dictates the specific subdirectory where a volume should be mounted under the NFS server.

However, in vulnerable versions of the driver, this user-supplied input is insufficiently validated before execution.

Attackers can take advantage of this oversight by injecting standard path traversal characters, such as dot-dot-slash sequences (../), into the volume identifier.

During routine cluster lifecycle events, specifically volume deletion or cleanup operations, the CSI driver uses these manipulated identifiers to locate the directories it needs to remove.

Because the traversal sequences are not sanitized, the driver is tricked into navigating outside the designated storage export.

While the potential impact on data integrity is significant, successful exploitation requires specific cluster privileges.

To execute this attack, an individual must already possess the permissions necessary to create PersistentVolumes that explicitly reference the NFS CSI driver.

If a threat actor acquires these privileges, they can weaponize the driver’s elevated access on the NFS server.

By crafting malicious volume identifiers, the attacker can force the server to delete critical data, alter existing directories, or disrupt shared storage resources utilized by other applications across the network.

This means the blast radius extends beyond the Kubernetes cluster itself and directly threatens the underlying storage infrastructure.

Detection and Mitigations

Security teams must immediately assess their Kubernetes environments to determine potential exposure.

Administrators should inspect the volumeHandle field of all existing PersistentVolumes utilizing the NFS CSI driver for any suspicious traversal sequences.

Furthermore, reviewing the CSI controller logs is essential for active threat hunting.

Security analysts must search for anomalous directory operations, specifically log entries indicating the removal of subpaths that contain multiple traversal characters, such as
Removing subPath: /tmp/mount-uuid/legitimate/../../../exports/subdir.

To secure vulnerable clusters, organizations must upgrade the CSI Driver for NFS to the patched version, v4.13.1 or newer, which introduces proper validation for traversal sequences.

Until patches are applied, administrators should strictly limit PersistentVolume creation privileges to trusted personnel and review NFS exports to ensure only intended directories are writable by the driver.

As a fundamental security practice, untrusted users must never be granted arbitrary storage provisioning rights that reference external storage drivers.

Related Articles

Back to top button
b Z g