
Omni Wireguard SideroLink potential escape

Low
smira published GHSA-hqrf-67pm-wgfq Sep 24, 2025

Package

Omni

Affected versions

< 0.48.0

Patched versions

>= 0.48.0

Description

Overview

Omni and each Talos machine establish a peer-to-peer (P2P) SideroLink connection using WireGuard to mutually authenticate and authorize access.

In this setup, Omni assigns a random IPv6 address to each Talos machine from a /64 network block. Omni itself uses the fixed ::1 address within that same block.

From Omni's perspective, this is a WireGuard interface with multiple peers, where each peer corresponds to a Talos machine. The WireGuard interface on Omni is configured to ensure that the source IP address of an incoming packet matches the IPv6 address assigned to the Talos peer. However, it performs no validation on the packet's destination address.

The Talos end of the SideroLink connection cannot be considered a trusted environment. Workloads running on Kubernetes, especially those configured with host networking, could gain direct access to this link. Therefore, a malicious workload could theoretically send arbitrary packets over the SideroLink interface.
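The destination check that the Overview describes as missing, sketched as an added example (it is not Omni's code and not the fix in the patched release): a packet from a Talos peer is accepted only when its source is the peer's assigned address and its destination is Omni's ::1 address in the /64. The function names, the prefix and the peer addresses are constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"net/netip"
)

var (
	errNotIPv6 = errors.New("not an IPv6 packet")
	errSource  = errors.New("source is not the peer's assigned address")
	errDest    = errors.New("destination is not Omni's ::1 address")
)

// checkInbound (hypothetical) filters one packet received from a Talos peer.
// prefix is the SideroLink /64, peer is the address assigned to that peer.
func checkInbound(pkt []byte, prefix netip.Prefix, peer netip.Addr) error {
	if len(pkt) < 40 || pkt[0]>>4 != 6 {
		return errNotIPv6
	}
	src, _ := netip.AddrFromSlice(pkt[8:24])  // IPv6 source field
	dst, _ := netip.AddrFromSlice(pkt[24:40]) // IPv6 destination field
	if src != peer { // the check the interface already performs
		return errSource
	}
	omni := prefix.Masked().Addr().As16()
	omni[15] = 1 // Omni's fixed ::1 address inside the block
	if dst != netip.AddrFrom16(omni) { // the check described as missing
		return errDest
	}
	return nil
}

// verdict builds a bare 40-byte IPv6 header (constructed input) and checks it.
func verdict(prefix, peer, src, dst string) error {
	s, d := netip.MustParseAddr(src).As16(), netip.MustParseAddr(dst).As16()
	h := []byte{0x60, 0, 0, 0, 0, 0, 59, 64} // version 6, no payload, hop limit 64
	pkt := append(append(h, s[:]...), d[:]...)
	return checkInbound(pkt, netip.MustParsePrefix(prefix), netip.MustParseAddr(peer))
}

func main() {
	const prefix, peer = "fd00:1234:5678:9abc::/64", "fd00:1234:5678:9abc::a1" // constructed
	for _, dst := range []string{"fd00:1234:5678:9abc::1", "fd00:1234:5678:9abc::b2", "fd00:aaaa::10"} {
		fmt.Println(dst, "->", verdict(prefix, peer, peer, dst))
	}
}
```

Only the first destination is accepted; another peer's address in the same /64 and an address outside the block are both rejected regardless of the host's forwarding setting.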


Impact

This vulnerability creates two distinct attack scenarios based on Omni's IP forwarding configuration.

  1. IP Forwarding Disabled (Default)
    If IP forwarding is disabled, an attacker on a Talos machine can send packets over SideroLink to any listening service on Omni itself (e.g., an internal API). If Omni is running in host networking mode, any service on the host machine could also be targeted. While this is the default configuration, Omni does not enforce it.

  2. IP Forwarding Enabled
    If IP forwarding is enabled, an attacker on a Talos machine can communicate with other machines connected to Omni or route packets deeper into Omni's network. Although this is not the default configuration, Omni does not check for or prevent this state.

Patches

The problem has been fixed in Omni >= 0.48.0 (commit a5efd81).

Workarounds

Disable IP forwarding and implement strict firewall rules.

References

None

Severity

Low

CVSS v3 base metrics

Attack vector: Network
Attack complexity: High
Privileges required: High
User interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: None

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N

CVE ID

CVE-2025-59824

Weaknesses

No CWEs
