CVE-2020-2023

Published
View on NVD ↗
CVSS v3
3.8
LOW
CVSS v2
4.6
MEDIUM
Affected
2
PROJECTS

Description

Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; and Kata Containers 1.9 and earlier versions.

kata-containers/runtime
kata-containers/runtime
Kata Containers version 1.x runtime (for version 2.x see https://github.com/kata-containers/kata-containers).
GitHubGitHub
2.09K
kata-containers/agent
kata-containers/agent
Kata Containers version 1.x agent (for version 2.x see https://github.com/kata-containers/kata-containers). Virtual Machine agent for hardware virtualized containers
GitHubGitHub
247