
    8 vulnerabilities found for runtime by katacontainers

    CVE-2020-2023 (GCVE-0-2020-2023)

    Vulnerability from cvelistv5 – Published: 2020-06-10 17:30 – Updated: 2024-09-17 01:15
    Title
    Kata Containers - Containers have access to the guest root filesystem device
    Summary
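    Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; and Kata Containers 1.9 and earlier versions. The record's configuration note narrows exposure: it applies to QEMU and Cloud Hypervisor guests on the default configuration (initrd/initramfs-based guests are not affected) and requires the container to hold CAP_SYS_MKNOD, which is the default in Docker and in Kubernetes with containerd, but not in Kubernetes with CRI-O.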
    CWE
    • CWE-250 - Execution with Unnecessary Privileges
    Assigner
    Impacted products
    Vendor: Kata Containers; Product: Kata Containers
    Affected: 1.11 up to, but not including, 1.11.1 (custom)
    Affected: 1.10 up to, but not including, 1.10.5 (custom)
    Affected: 1 up to and including 1.9 (custom)
    Date Public
    2020-06-10 00:00
    Credits
    Yuval Avrahami, Palo Alto Networks

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:54:00.678Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/pull/2487"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/pull/2477"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/issues/2488"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/agent/issues/791"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/agent/pull/792"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Kata Containers",
              "vendor": "Kata Containers",
              "versions": [
                {
                  "lessThan": "1.11.1",
                  "status": "affected",
                  "version": "1.11",
                  "versionType": "custom"
                },
                {
                  "lessThan": "1.10.5",
                  "status": "affected",
                  "version": "1.10",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "1.9",
                  "status": "affected",
                  "version": "1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "value": "Affects QEMU and Cloud Hypervisor guests on the default configuration. Doesn\u0027t affect initrd (initramfs) based guests. Requires the container to have CAP_SYS_MKNOD, the default in Docker and Kubernetes with containerd, but not in Kubernetes with CRI-O."
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Yuval Avrahami, Palo Alto Networks"
            }
          ],
          "datePublic": "2020-06-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Kata Containers doesn\u0027t restrict containers from accessing the guest\u0027s root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; and Kata Containers 1.9 and earlier versions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.8,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-250",
                  "description": "CWE-250 Execution with Unnecessary Privileges",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-06-10T17:30:12.000Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/pull/2487"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/pull/2477"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/issues/2488"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/agent/issues/791"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/agent/pull/792"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Kata Containers - Containers have access to the guest root filesystem device",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@paloaltonetworks.com",
              "DATE_PUBLIC": "2020-06-10T16:00:00.000Z",
              "ID": "CVE-2020-2023",
              "STATE": "PUBLIC",
              "TITLE": "Kata Containers - Containers have access to the guest root filesystem device"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Kata Containers",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "1.11",
                                "version_value": "1.11.1"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "1.10",
                                "version_value": "1.10.5"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "1",
                                "version_value": "1.9"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Kata Containers"
                  }
                ]
              }
            },
            "configuration": [
              {
                "lang": "en",
                "value": "Affects QEMU and Cloud Hypervisor guests on the default configuration. Doesn\u0027t affect initrd (initramfs) based guests. Requires the container to have CAP_SYS_MKNOD, the default in Docker and Kubernetes with containerd, but not in Kubernetes with CRI-O."
              }
            ],
            "credit": [
              {
                "lang": "eng",
                "value": "Yuval Avrahami, Palo Alto Networks"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Kata Containers doesn\u0027t restrict containers from accessing the guest\u0027s root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; and Kata Containers 1.9 and earlier versions."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.8,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-250 Execution with Unnecessary Privileges"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/kata-containers/runtime/pull/2487",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/pull/2487"
                },
                {
                  "name": "https://github.com/kata-containers/runtime/pull/2477",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/pull/2477"
                },
                {
                  "name": "https://github.com/kata-containers/runtime/issues/2488",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/issues/2488"
                },
                {
                  "name": "https://github.com/kata-containers/agent/issues/791",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/agent/issues/791"
                },
                {
                  "name": "https://github.com/kata-containers/agent/pull/792",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/agent/pull/792"
                },
                {
                  "name": "https://github.com/kata-containers/runtime/releases/tag/1.11.1",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"
                },
                {
                  "name": "https://github.com/kata-containers/runtime/releases/tag/1.10.5",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2020-2023",
        "datePublished": "2020-06-10T17:30:12.051Z",
        "dateReserved": "2019-12-04T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:15:36.499Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-2026 (GCVE-0-2020-2026)

    Vulnerability from cvelistv5 – Published: 2020-06-10 17:27 – Updated: 2024-09-16 19:35
    Title
    Kata Containers - Guests can trick the kata-runtime into mounting the container image on any host path
    Summary
    A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for code execution on the host. This issue affects: Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; Kata Containers 1.9 and earlier versions. The record's configuration note states that this affects QEMU and Cloud Hypervisor based guests.
    CWE
    • CWE-59 - Improper Link Resolution Before File Access ('Link Following')
    Assigner
    Impacted products
    Vendor: Kata Containers; Product: Kata Containers
    Affected: 1.11 up to, but not including, 1.11.1 (custom)
    Affected: 1.10 up to, but not including, 1.10.5 (custom)
    Affected: 1 up to and including 1.9 (custom)
    Date Public
    2020-06-10 00:00
    Credits
    Yuval Avrahami, Palo Alto Networks

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:54:00.553Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/issues/2712"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/pull/2713"
              },
              {
                "name": "FEDORA-2020-7a0b6071a4",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJAMOVB7DSOGX7J26QH5HZKU7GSSX2VU/"
              },
              {
                "name": "FEDORA-2020-2f5879aeb6",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JPBKAQBF3OR72N55GWM2TDYQP2OHK6H/"
              },
              {
                "name": "FEDORA-2020-c33083813d",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6W5MKF7HSAIL2AX2BX6RV4WWVGUIKVLS/"
              },
              {
                "name": "FEDORA-2020-1af9cd8c87",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWACJQSMY5BVDMVTF3FBN7HZSOSFOG3Q/"
              },
              {
                "name": "FEDORA-2020-61fcf3ffc7",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNJHSSPCKUGJDVXXIXK2JUWCRJDQX7CE/"
              },
              {
                "name": "FEDORA-2020-15a1bde727",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2P7FHA4AF6Y6PAVJBTTQPUEHXZQUOF3P/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Kata Containers",
              "vendor": "Kata Containers",
              "versions": [
                {
                  "lessThan": "1.11.1",
                  "status": "affected",
                  "version": "1.11",
                  "versionType": "custom"
                },
                {
                  "lessThan": "1.10.5",
                  "status": "affected",
                  "version": "1.10",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "1.9",
                  "status": "affected",
                  "version": "1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "value": "Affects QEMU and Cloud Hypervisor based guests."
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Yuval Avrahami, Palo Alto Networks"
            }
          ],
          "datePublic": "2020-06-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for code execution on the host. This issue affects: Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; Kata Containers 1.9 and earlier versions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-59",
                  "description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-05T03:06:14.000Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/issues/2712"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/pull/2713"
            },
            {
              "name": "FEDORA-2020-7a0b6071a4",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJAMOVB7DSOGX7J26QH5HZKU7GSSX2VU/"
            },
            {
              "name": "FEDORA-2020-2f5879aeb6",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JPBKAQBF3OR72N55GWM2TDYQP2OHK6H/"
            },
            {
              "name": "FEDORA-2020-c33083813d",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6W5MKF7HSAIL2AX2BX6RV4WWVGUIKVLS/"
            },
            {
              "name": "FEDORA-2020-1af9cd8c87",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWACJQSMY5BVDMVTF3FBN7HZSOSFOG3Q/"
            },
            {
              "name": "FEDORA-2020-61fcf3ffc7",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNJHSSPCKUGJDVXXIXK2JUWCRJDQX7CE/"
            },
            {
              "name": "FEDORA-2020-15a1bde727",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2P7FHA4AF6Y6PAVJBTTQPUEHXZQUOF3P/"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Kata Containers - Guests can trick the kata-runtime into mounting the container image on any host path",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@paloaltonetworks.com",
              "DATE_PUBLIC": "2020-06-10T16:00:00.000Z",
              "ID": "CVE-2020-2026",
              "STATE": "PUBLIC",
              "TITLE": "Kata Containers - Guests can trick the kata-runtime into mounting the container image on any host path"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Kata Containers",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "1.11",
                                "version_value": "1.11.1"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "1.10",
                                "version_value": "1.10.5"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "1",
                                "version_value": "1.9"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Kata Containers"
                  }
                ]
              }
            },
            "configuration": [
              {
                "lang": "en",
                "value": "Affects QEMU and Cloud Hypervisor based guests."
              }
            ],
            "credit": [
              {
                "lang": "eng",
                "value": "Yuval Avrahami, Palo Alto Networks"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for code execution on the host. This issue affects: Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; Kata Containers 1.9 and earlier versions."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/kata-containers/runtime/releases/tag/1.11.1",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"
                },
                {
                  "name": "https://github.com/kata-containers/runtime/releases/tag/1.10.5",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"
                },
                {
                  "name": "https://github.com/kata-containers/runtime/issues/2712",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/issues/2712"
                },
                {
                  "name": "https://github.com/kata-containers/runtime/pull/2713",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/pull/2713"
                },
                {
                  "name": "FEDORA-2020-7a0b6071a4",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJAMOVB7DSOGX7J26QH5HZKU7GSSX2VU/"
                },
                {
                  "name": "FEDORA-2020-2f5879aeb6",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JPBKAQBF3OR72N55GWM2TDYQP2OHK6H/"
                },
                {
                  "name": "FEDORA-2020-c33083813d",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6W5MKF7HSAIL2AX2BX6RV4WWVGUIKVLS/"
                },
                {
                  "name": "FEDORA-2020-1af9cd8c87",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWACJQSMY5BVDMVTF3FBN7HZSOSFOG3Q/"
                },
                {
                  "name": "FEDORA-2020-61fcf3ffc7",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNJHSSPCKUGJDVXXIXK2JUWCRJDQX7CE/"
                },
                {
                  "name": "FEDORA-2020-15a1bde727",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2P7FHA4AF6Y6PAVJBTTQPUEHXZQUOF3P/"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2020-2026",
        "datePublished": "2020-06-10T17:27:46.151Z",
        "dateReserved": "2019-12-04T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:35:42.559Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-2025 (GCVE-0-2020-2025)

    Vulnerability from cvelistv5 – Published: 2020-05-19 21:05 – Updated: 2024-09-16 19:35
    Title
    Kata Containers - Cloud Hypervisor guests persist filesystem changes to the underlying host image file
    Summary
    Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. A malicious guest can overwrite the image file to gain control of all subsequent guest VMs. Since Kata Containers uses the same VM image file with all VMMs, this issue may also affect QEMU and Firecracker based guests.
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    References
    Impacted products
    Vendor Product Version
    Kata Containers Kata Containers Affected: unspecified , < 1.11.0 (custom)
    Date Public
    2020-05-19 00:00
    Credits
    Yuval Avrahami, Palo Alto Networks

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:54:00.542Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/pull/2487"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Kata Containers",
              "vendor": "Kata Containers",
              "versions": [
                {
                  "lessThan": "1.11.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "value": "Affects Kata Containers on Cloud Hypervisor."
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Yuval Avrahami, Palo Alto Networks"
            }
          ],
          "datePublic": "2020-05-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. A malicious guest can overwrite the image file to gain control of all subsequent guest VMs. Since Kata Containers uses the same VM image file with all VMMs, this issue may also affect QEMU and Firecracker based guests."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284 Improper Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-05-19T21:05:21.000Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/pull/2487"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Kata Containers - Cloud Hypervisor guests persist filesystem changes to the underlying host image file",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@paloaltonetworks.com",
              "DATE_PUBLIC": "2020-05-19T16:00:00.000Z",
              "ID": "CVE-2020-2025",
              "STATE": "PUBLIC",
              "TITLE": "Kata Containers - Cloud Hypervisor guests persist filesystem changes to the underlying host image file"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Kata Containers",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "1.11.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Kata Containers"
                  }
                ]
              }
            },
            "configuration": [
              {
                "lang": "en",
                "value": "Affects Kata Containers on Cloud Hypervisor."
              }
            ],
            "credit": [
              {
                "lang": "eng",
                "value": "Yuval Avrahami, Palo Alto Networks"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. A malicious guest can overwrite the image file to gain control of all subsequent guest VMs. Since Kata Containers uses the same VM image file with all VMMs, this issue may also affect QEMU and Firecracker based guests."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-284 Improper Access Control"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/kata-containers/runtime/pull/2487",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/pull/2487"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2020-2025",
        "datePublished": "2020-05-19T21:05:21.801Z",
        "dateReserved": "2019-12-04T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:35:36.062Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-2024 (GCVE-0-2020-2024)

    Vulnerability from cvelistv5 – Published: 2020-05-19 21:05 – Updated: 2024-09-17 01:01
    Title
    Kata Containers - Guests can trick the kata-runtime into unmounting any mount point on the host
    Summary
    An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0. Upon container teardown, a malicious guest can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentially resulting in a host DoS.
    CWE
    • CWE-59 - Improper Link Resolution Before File Access ('Link Following')
    Assigner
    Impacted products
    Vendor Product Version
    Kata Containers Kata Containers Affected: unspecified , < 1.11.0 (custom)
    Date Public
    2020-05-19 00:00
    Credits
    Yuval Avrahami, Palo Alto Networks

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:54:00.588Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/issues/2474"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/pull/2475"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Kata Containers",
              "vendor": "Kata Containers",
              "versions": [
                {
                  "lessThan": "1.11.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "value": "Affects QEMU and Cloud Hypervisor guests on the default configuration."
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Yuval Avrahami, Palo Alto Networks"
            }
          ],
          "datePublic": "2020-05-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0. Upon container teardown, a malicious guest can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentiality resulting in a host DoS."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-59",
                  "description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-05-19T21:05:19.000Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/issues/2474"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/pull/2475"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Kata Containers - Guests can trick the kata-runtime into unmounting any mount point on the host",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@paloaltonetworks.com",
              "DATE_PUBLIC": "2020-05-19T16:00:00.000Z",
              "ID": "CVE-2020-2024",
              "STATE": "PUBLIC",
              "TITLE": "Kata Containers - Guests can trick the kata-runtime into unmounting any mount point on the host"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Kata Containers",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "1.11.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Kata Containers"
                  }
                ]
              }
            },
            "configuration": [
              {
                "lang": "en",
                "value": "Affects QEMU and Cloud Hypervisor guests on the default configuration."
              }
            ],
            "credit": [
              {
                "lang": "eng",
                "value": "Yuval Avrahami, Palo Alto Networks"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0. Upon container teardown, a malicious guest can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentiality resulting in a host DoS."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/kata-containers/runtime/issues/2474",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/issues/2474"
                },
                {
                  "name": "https://github.com/kata-containers/runtime/pull/2475",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/pull/2475"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2020-2024",
        "datePublished": "2020-05-19T21:05:19.715Z",
        "dateReserved": "2019-12-04T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:01:22.908Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-2023 (GCVE-0-2020-2023)

    Vulnerability from nvd – Published: 2020-06-10 17:30 – Updated: 2024-09-17 01:15
    Title
    Kata Containers - Containers have access to the guest root filesystem device
    Summary
    Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; and Kata Containers 1.9 and earlier versions.
    CWE
    • CWE-250 - Execution with Unnecessary Privileges
    Assigner
    Impacted products
    Vendor Product Version
    Kata Containers Kata Containers Affected: 1.11 , < 1.11.1 (custom)
    Affected: 1.10 , < 1.10.5 (custom)
    Affected: 1 , ≤ 1.9 (custom)
    Date Public
    2020-06-10 00:00
    Credits
    Yuval Avrahami, Palo Alto Networks

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:54:00.678Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/pull/2487"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/pull/2477"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/issues/2488"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/agent/issues/791"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/agent/pull/792"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Kata Containers",
              "vendor": "Kata Containers",
              "versions": [
                {
                  "lessThan": "1.11.1",
                  "status": "affected",
                  "version": "1.11",
                  "versionType": "custom"
                },
                {
                  "lessThan": "1.10.5",
                  "status": "affected",
                  "version": "1.10",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "1.9",
                  "status": "affected",
                  "version": "1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "value": "Affects QEMU and Cloud Hypervisor guests on the default configuration. Doesn\u0027t affect initrd (initramfs) based guests. Requires the container to have CAP_SYS_MKNOD, the default in Docker and Kubernetes with containerd, but not in Kubernetes with CRI-O."
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Yuval Avrahami, Palo Alto Networks"
            }
          ],
          "datePublic": "2020-06-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Kata Containers doesn\u0027t restrict containers from accessing the guest\u0027s root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; and Kata Containers 1.9 and earlier versions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.8,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-250",
                  "description": "CWE-250 Execution with Unnecessary Privileges",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-06-10T17:30:12.000Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/pull/2487"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/pull/2477"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/issues/2488"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/agent/issues/791"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/agent/pull/792"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Kata Containers - Containers have access to the guest root filesystem device",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@paloaltonetworks.com",
              "DATE_PUBLIC": "2020-06-10T16:00:00.000Z",
              "ID": "CVE-2020-2023",
              "STATE": "PUBLIC",
              "TITLE": "Kata Containers - Containers have access to the guest root filesystem device"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Kata Containers",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "1.11",
                                "version_value": "1.11.1"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "1.10",
                                "version_value": "1.10.5"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "1",
                                "version_value": "1.9"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Kata Containers"
                  }
                ]
              }
            },
            "configuration": [
              {
                "lang": "en",
                "value": "Affects QEMU and Cloud Hypervisor guests on the default configuration. Doesn\u0027t affect initrd (initramfs) based guests. Requires the container to have CAP_SYS_MKNOD, the default in Docker and Kubernetes with containerd, but not in Kubernetes with CRI-O."
              }
            ],
            "credit": [
              {
                "lang": "eng",
                "value": "Yuval Avrahami, Palo Alto Networks"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Kata Containers doesn\u0027t restrict containers from accessing the guest\u0027s root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; and Kata Containers 1.9 and earlier versions."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.8,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-250 Execution with Unnecessary Privileges"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/kata-containers/runtime/pull/2487",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/pull/2487"
                },
                {
                  "name": "https://github.com/kata-containers/runtime/pull/2477",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/pull/2477"
                },
                {
                  "name": "https://github.com/kata-containers/runtime/issues/2488",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/issues/2488"
                },
                {
                  "name": "https://github.com/kata-containers/agent/issues/791",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/agent/issues/791"
                },
                {
                  "name": "https://github.com/kata-containers/agent/pull/792",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/agent/pull/792"
                },
                {
                  "name": "https://github.com/kata-containers/runtime/releases/tag/1.11.1",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"
                },
                {
                  "name": "https://github.com/kata-containers/runtime/releases/tag/1.10.5",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2020-2023",
        "datePublished": "2020-06-10T17:30:12.051Z",
        "dateReserved": "2019-12-04T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:15:36.499Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-2026 (GCVE-0-2020-2026)

    Vulnerability from nvd – Published: 2020-06-10 17:27 – Updated: 2024-09-16 19:35
    VLAI
    Title
    Kata Containers - Guests can trick the kata-runtime into mounting the container image on any host path
    Summary
    A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for code execution on the host. This issue affects: Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; Kata Containers 1.9 and earlier versions.
    CWE
    • CWE-59 - Improper Link Resolution Before File Access ('Link Following')
    Assigner
    Impacted products
    Vendor Product Version
    Kata Containers Kata Containers Affected: 1.11 , < 1.11.1 (custom)
    Affected: 1.10 , < 1.10.5 (custom)
    Affected: 1 , ≤ 1.9 (custom)
    Date Public
    2020-06-10 00:00
    Credits
    Yuval Avrahami, Palo Alto Networks

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:54:00.553Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/issues/2712"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/pull/2713"
              },
              {
                "name": "FEDORA-2020-7a0b6071a4",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJAMOVB7DSOGX7J26QH5HZKU7GSSX2VU/"
              },
              {
                "name": "FEDORA-2020-2f5879aeb6",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JPBKAQBF3OR72N55GWM2TDYQP2OHK6H/"
              },
              {
                "name": "FEDORA-2020-c33083813d",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6W5MKF7HSAIL2AX2BX6RV4WWVGUIKVLS/"
              },
              {
                "name": "FEDORA-2020-1af9cd8c87",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWACJQSMY5BVDMVTF3FBN7HZSOSFOG3Q/"
              },
              {
                "name": "FEDORA-2020-61fcf3ffc7",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNJHSSPCKUGJDVXXIXK2JUWCRJDQX7CE/"
              },
              {
                "name": "FEDORA-2020-15a1bde727",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2P7FHA4AF6Y6PAVJBTTQPUEHXZQUOF3P/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Kata Containers",
              "vendor": "Kata Containers",
              "versions": [
                {
                  "lessThan": "1.11.1",
                  "status": "affected",
                  "version": "1.11",
                  "versionType": "custom"
                },
                {
                  "lessThan": "1.10.5",
                  "status": "affected",
                  "version": "1.10",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "1.9",
                  "status": "affected",
                  "version": "1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "value": "Affects QEMU and Cloud Hypervisor based guests."
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Yuval Avrahami, Palo Alto Networks"
            }
          ],
          "datePublic": "2020-06-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for code execution on the host. This issue affects: Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; Kata Containers 1.9 and earlier versions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-59",
                  "description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-05T03:06:14.000Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/issues/2712"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/pull/2713"
            },
            {
              "name": "FEDORA-2020-7a0b6071a4",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJAMOVB7DSOGX7J26QH5HZKU7GSSX2VU/"
            },
            {
              "name": "FEDORA-2020-2f5879aeb6",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JPBKAQBF3OR72N55GWM2TDYQP2OHK6H/"
            },
            {
              "name": "FEDORA-2020-c33083813d",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6W5MKF7HSAIL2AX2BX6RV4WWVGUIKVLS/"
            },
            {
              "name": "FEDORA-2020-1af9cd8c87",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWACJQSMY5BVDMVTF3FBN7HZSOSFOG3Q/"
            },
            {
              "name": "FEDORA-2020-61fcf3ffc7",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNJHSSPCKUGJDVXXIXK2JUWCRJDQX7CE/"
            },
            {
              "name": "FEDORA-2020-15a1bde727",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2P7FHA4AF6Y6PAVJBTTQPUEHXZQUOF3P/"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Kata Containers - Guests can trick the kata-runtime into mounting the container image on any host path",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@paloaltonetworks.com",
              "DATE_PUBLIC": "2020-06-10T16:00:00.000Z",
              "ID": "CVE-2020-2026",
              "STATE": "PUBLIC",
              "TITLE": "Kata Containers - Guests can trick the kata-runtime into mounting the container image on any host path"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Kata Containers",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "1.11",
                                "version_value": "1.11.1"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_name": "1.10",
                                "version_value": "1.10.5"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "1",
                                "version_value": "1.9"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Kata Containers"
                  }
                ]
              }
            },
            "configuration": [
              {
                "lang": "en",
                "value": "Affects QEMU and Cloud Hypervisor based guests."
              }
            ],
            "credit": [
              {
                "lang": "eng",
                "value": "Yuval Avrahami, Palo Alto Networks"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for code execution on the host. This issue affects: Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; Kata Containers 1.9 and earlier versions."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/kata-containers/runtime/releases/tag/1.11.1",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"
                },
                {
                  "name": "https://github.com/kata-containers/runtime/releases/tag/1.10.5",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"
                },
                {
                  "name": "https://github.com/kata-containers/runtime/issues/2712",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/issues/2712"
                },
                {
                  "name": "https://github.com/kata-containers/runtime/pull/2713",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/pull/2713"
                },
                {
                  "name": "FEDORA-2020-7a0b6071a4",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJAMOVB7DSOGX7J26QH5HZKU7GSSX2VU/"
                },
                {
                  "name": "FEDORA-2020-2f5879aeb6",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JPBKAQBF3OR72N55GWM2TDYQP2OHK6H/"
                },
                {
                  "name": "FEDORA-2020-c33083813d",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6W5MKF7HSAIL2AX2BX6RV4WWVGUIKVLS/"
                },
                {
                  "name": "FEDORA-2020-1af9cd8c87",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWACJQSMY5BVDMVTF3FBN7HZSOSFOG3Q/"
                },
                {
                  "name": "FEDORA-2020-61fcf3ffc7",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNJHSSPCKUGJDVXXIXK2JUWCRJDQX7CE/"
                },
                {
                  "name": "FEDORA-2020-15a1bde727",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2P7FHA4AF6Y6PAVJBTTQPUEHXZQUOF3P/"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2020-2026",
        "datePublished": "2020-06-10T17:27:46.151Z",
        "dateReserved": "2019-12-04T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:35:42.559Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-2025 (GCVE-0-2020-2025)

    Vulnerability from nvd – Published: 2020-05-19 21:05 – Updated: 2024-09-16 19:35
    VLAI
    Title
    Kata Containers - Cloud Hypervisor guests persist filesystem changes to the underlying host image file
    Summary
    Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. A malicious guest can overwrite the image file to gain control of all subsequent guest VMs. Since Kata Containers uses the same VM image file with all VMMs, this issue may also affect QEMU and Firecracker based guests.
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    References
    Impacted products
    Vendor Product Version
    Kata Containers Kata Containers Affected: unspecified , < 1.11.0 (custom)
    Date Public
    2020-05-19 00:00
    Credits
    Yuval Avrahami, Palo Alto Networks

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:54:00.542Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/pull/2487"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Kata Containers",
              "vendor": "Kata Containers",
              "versions": [
                {
                  "lessThan": "1.11.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "value": "Affects Kata Containers on Cloud Hypervisor."
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Yuval Avrahami, Palo Alto Networks"
            }
          ],
          "datePublic": "2020-05-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. A malicious guest can overwrite the image file to gain control of all subsequent guest VMs. Since Kata Containers uses the same VM image file with all VMMs, this issue may also affect QEMU and Firecracker based guests."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284 Improper Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-05-19T21:05:21.000Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/pull/2487"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Kata Containers - Cloud Hypervisor guests persist filesystem changes to the underlying host image file",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@paloaltonetworks.com",
              "DATE_PUBLIC": "2020-05-19T16:00:00.000Z",
              "ID": "CVE-2020-2025",
              "STATE": "PUBLIC",
              "TITLE": "Kata Containers - Cloud Hypervisor guests persist filesystem changes to the underlying host image file"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Kata Containers",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "1.11.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Kata Containers"
                  }
                ]
              }
            },
            "configuration": [
              {
                "lang": "en",
                "value": "Affects Kata Containers on Cloud Hypervisor."
              }
            ],
            "credit": [
              {
                "lang": "eng",
                "value": "Yuval Avrahami, Palo Alto Networks"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. A malicious guest can overwrite the image file to gain control of all subsequent guest VMs. Since Kata Containers uses the same VM image file with all VMMs, this issue may also affect QEMU and Firecracker based guests."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-284 Improper Access Control"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/kata-containers/runtime/pull/2487",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/pull/2487"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2020-2025",
        "datePublished": "2020-05-19T21:05:21.801Z",
        "dateReserved": "2019-12-04T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:35:36.062Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-2024 (GCVE-0-2020-2024)

    Vulnerability from nvd – Published: 2020-05-19 21:05 – Updated: 2024-09-17 01:01
    VLAI
    Title
    Kata Containers - Guests can trick the kata-runtime into unmounting any mount point on the host
    Summary
    An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0. Upon container teardown, a malicious guest can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentially resulting in a host DoS.
    CWE
    • CWE-59 - Improper Link Resolution Before File Access ('Link Following')
    Assigner
    Impacted products
    Vendor Product Version
    Kata Containers Kata Containers Affected: unspecified , < 1.11.0 (custom)
    Date Public
    2020-05-19 00:00
    Credits
    Yuval Avrahami, Palo Alto Networks

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:54:00.588Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/issues/2474"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/kata-containers/runtime/pull/2475"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Kata Containers",
              "vendor": "Kata Containers",
              "versions": [
                {
                  "lessThan": "1.11.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "value": "Affects QEMU and Cloud Hypervisor guests on the default configuration."
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Yuval Avrahami, Palo Alto Networks"
            }
          ],
          "datePublic": "2020-05-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0. Upon container teardown, a malicious guest can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentiality resulting in a host DoS."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-59",
                  "description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-05-19T21:05:19.000Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/issues/2474"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/kata-containers/runtime/pull/2475"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Kata Containers - Guests can trick the kata-runtime into unmounting any mount point on the host",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@paloaltonetworks.com",
              "DATE_PUBLIC": "2020-05-19T16:00:00.000Z",
              "ID": "CVE-2020-2024",
              "STATE": "PUBLIC",
              "TITLE": "Kata Containers - Guests can trick the kata-runtime into unmounting any mount point on the host"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Kata Containers",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "1.11.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Kata Containers"
                  }
                ]
              }
            },
            "configuration": [
              {
                "lang": "en",
                "value": "Affects QEMU and Cloud Hypervisor guests on the default configuration."
              }
            ],
            "credit": [
              {
                "lang": "eng",
                "value": "Yuval Avrahami, Palo Alto Networks"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0. Upon container teardown, a malicious guest can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentially resulting in a host DoS."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/kata-containers/runtime/issues/2474",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/issues/2474"
                },
                {
                  "name": "https://github.com/kata-containers/runtime/pull/2475",
                  "refsource": "MISC",
                  "url": "https://github.com/kata-containers/runtime/pull/2475"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2020-2024",
        "datePublished": "2020-05-19T21:05:19.715Z",
        "dateReserved": "2019-12-04T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:01:22.908Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }