GHSA-RH99-WC69-C255

Vulnerability from github – Published: 2026-04-30 20:57 – Updated: 2026-04-30 20:57
Summary
Contrast Affected by CopyFile Policy Subversion via Symlinks
Details

Impact

The Kata agent policies generated by the Contrast CLI had a flaw in the CopyFile verification that allowed arbitrary writes to the guest root filesystem. As the title and the CWE-59 classification (improper link resolution before file access) indicate, the policy judged a CopyFile request by its destination path without accounting for symbolic links, so a write the policy accepted could land somewhere else in the guest. A malicious process on the host that can reach the Kata agent's VSOCK endpoint could therefore issue a series of CopyFile requests to overwrite security-critical files or to trick the workload into disclosing sensitive data, which effectively amounts to a full guest takeover.

Patches

This issue has been patched in Contrast v1.19.1.

Note that this fix does not change the fact that host-provided content is generally not trustworthy, as documented.

Workarounds

If upgrading is not possible, users can implement the fix in Rego and pass it to contrast generate --policy. The Rego-only fix is trickier than the patch because the data to check is binary: in the Kata agent protocol a symlink's target travels in the request's data field as raw bytes, so the policy has to inspect that field rather than only the destination path. See the references for details.
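As an added illustration, not Contrast's patch and not the Rego from the referenced gist, the Go program below shows the shape of the check a CopyFile policy needs: matching the destination path is not enough once a request creates a symlink, because the link target, carried in the request's binary data field, decides where later writes land. The request struct, the sandbox prefix `/run/kata-containers/sandbox/`, the path regex and the sample requests are assumptions constructed for this example; the Kata agent's real message and Contrast's real policy differ in detail.

```go
package main

import (
	"fmt"
	"path"
	"regexp"
	"strings"
)

// CopyFileRequest carries only the fields this check looks at. The Go
// struct and its field names are assumptions for this example; the real
// Kata agent protobuf message has more fields.
type CopyFileRequest struct {
	Path     string // destination path inside the guest
	FileMode uint32 // st_mode bits of the file being created
	Data     []byte // file content; for a symlink, the link target
}

const (
	sIFMT  = 0o170000 // file-type mask from sys/stat.h
	sIFLNK = 0o120000 // symbolic link
)

// sfPrefix stands in for the sandbox prefix a policy substitutes for
// $(sfprefix); the value is constructed for this example.
const sfPrefix = "/run/kata-containers/sandbox/"

// allowedPath stands in for the policy's CopyFileRequest path regex.
var allowedPath = regexp.MustCompile("^" + regexp.QuoteMeta(sfPrefix) + ".+$")

// Checker remembers symlinks it has already accepted so that later
// requests cannot route a write through one of them.
type Checker struct {
	links map[string]struct{}
}

func NewChecker() *Checker {
	return &Checker{links: make(map[string]struct{})}
}

// Allow returns nil when the request may be honoured, otherwise an error
// naming the reason.
func (c *Checker) Allow(req CopyFileRequest) error {
	// A policy that stops after this regex match is the path-only check
	// the advisory describes: it ignores what the path may point to.
	if !allowedPath.MatchString(req.Path) {
		return fmt.Errorf("path %q outside %s", req.Path, sfPrefix)
	}
	if c.touchesKnownLink(req.Path) {
		return fmt.Errorf("path %q passes through an earlier symlink", req.Path)
	}
	if req.FileMode&sIFMT != sIFLNK {
		return nil // regular file or directory: the path check suffices
	}
	// For a symlink the target arrives as raw bytes in Data (CWE-59 risk).
	target := string(req.Data)
	if target == "" || strings.ContainsRune(target, 0) {
		return fmt.Errorf("symlink %q has an invalid target", req.Path)
	}
	if path.IsAbs(target) {
		return fmt.Errorf("symlink %q has absolute target %q", req.Path, target)
	}
	// Resolve lexically relative to the link's directory; the result must
	// stay under the allowed prefix.
	resolved := path.Join(path.Dir(req.Path), target)
	if !strings.HasPrefix(resolved, sfPrefix) {
		return fmt.Errorf("symlink %q resolves to %q, outside %s", req.Path, resolved, sfPrefix)
	}
	if c.touchesKnownLink(resolved) {
		return fmt.Errorf("symlink %q target passes through an earlier symlink", req.Path)
	}
	c.links[path.Clean(req.Path)] = struct{}{}
	return nil
}

// touchesKnownLink reports whether p or any ancestor of p is a symlink
// accepted earlier; refusing such paths keeps the lexical resolution honest.
func (c *Checker) touchesKnownLink(p string) bool {
	for cur := path.Clean(p); cur != "/" && cur != "."; cur = path.Dir(cur) {
		if _, ok := c.links[cur]; ok {
			return true
		}
	}
	return false
}

func main() {
	c := NewChecker()
	// Constructed requests: a benign write, an escaping symlink, an in-sandbox
	// symlink, then a write routed through that symlink.
	for _, r := range []CopyFileRequest{
		{Path: sfPrefix + "abc/app.conf", FileMode: 0o100644, Data: []byte("key=value")},
		{Path: sfPrefix + "abc/escape", FileMode: 0o120777, Data: []byte("../../../../etc/shadow")},
		{Path: sfPrefix + "abc/link", FileMode: 0o120777, Data: []byte("data")},
		{Path: sfPrefix + "abc/link/x", FileMode: 0o100644, Data: []byte("through the link")},
	} {
		if err := c.Allow(r); err != nil {
			fmt.Println("reject:", err)
		} else {
			fmt.Println("allow:", r.Path)
		}
	}
}
```

The check resolves targets lexically and refuses any path that passes through a symlink it accepted earlier, which is the minimum needed to stop a sequence of requests from chaining links out of the sandbox directory. It does not model links that already exist in the guest image or that other agent RPCs create, so it illustrates the reasoning rather than replacing the upgrade or the referenced policy fix.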

Resources

  • Upstream GHSA: https://github.com/kata-containers/kata-containers/security/advisories/GHSA-q49m-57vm-c8cc
  • Alternative policy-only fix: https://gist.github.com/burgerdev/304dd0ab0fff1665b7c27e18a30cf96e
Source record

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/edgelesssys/contrast"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.19.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-59"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-30T20:57:17Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "### Impact\n\nThe [Kata agent policies](https://docs.edgeless.systems/contrast/architecture/components/policies) generated by the Contrast CLI had an issue in the `CopyFile` verification, which allowed arbitrary writes to the guest root filesytem. A malicious process on the host with the capability to connect to the Kata agent VSOCK could connect to the agent and issue a series of `CopyFile` requests to overwrite security-critical files or trick the workload into disclosing sensitive data, which effectively amounts to a full guest takeover.\n\n### Patches\n\nThis issue has been patched in Contrast v1.19.1.\n\nNote that this fix does not change the fact that host-provided content is generally not trustworthy, as documented.\n\n### Workarounds\n\nIf upgrading is not possible, users can implement the fix in rego and pass it to `contrast generate --policy`. The rego-only fix is a bit trickier than the patch, because the data to check is binary. See the references for details.\n\n### Resources\n\n* Upstream GHSA: https://github.com/kata-containers/kata-containers/security/advisories/GHSA-q49m-57vm-c8cc\n* Alternative policy-only fix: https://gist.github.com/burgerdev/304dd0ab0fff1665b7c27e18a30cf96e",
  "id": "GHSA-rh99-wc69-c255",
  "modified": "2026-04-30T20:57:17Z",
  "published": "2026-04-30T20:57:17Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/edgelesssys/contrast/security/advisories/GHSA-rh99-wc69-c255"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kata-containers/kata-containers/security/advisories/GHSA-q49m-57vm-c8cc"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/burgerdev/304dd0ab0fff1665b7c27e18a30cf96e"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/edgelesssys/contrast"
    },
    {
      "type": "WEB",
      "url": "https://github.com/edgelesssys/contrast/releases/tag/v1.19.1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Contras Affected by CopyFile Policy Subversion via Symlinks"
}

