CVSS: 9.0EPSS: 0%CPEs: 6EXPL: 1CVE-2020-27151
https://notcve.org/view.php?id=CVE-2020-27151
An issue was discovered in Kata Containers through 1.11.3 and 2.x through 2.0-rc1. The runtime will execute binaries given using annotations without any kind of validation. Someone who is granted access rights to a cluster will be able to have kata-runtime execute arbitrary binaries as root on the worker nodes. Se detectó un problema en Kata Containers versiones hasta 1.11.3 y versiones 2.x hasta 2.0-rc1. El tiempo de ejecución ejecutará los binarios proporcionados mediante anotaciones sin ningún tipo de validación. • https://bugs.launchpad.net/katacontainers.io/+bug/1878234 https://github.com/kata-containers/kata-containers/releases/tag/2.0.0 https://github.com/kata-containers/runtime/releases/tag/1.11.5 https://github.com/kata-containers/runtime/releases/tag/1.12.0 •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-28914
https://notcve.org/view.php?id=CVE-2020-28914
An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When using a Kubernetes hostPath volume and mounting either a file or directory into a container as readonly, the file/directory is mounted as readOnly inside the container, but is still writable inside the guest. For a container breakout situation, a malicious guest can potentially modify or delete files/directories expected to be read-only. Una vulnerabilidad de permisos de archivo inapropiados afecta a Kata Containers versiones anteriores a 1.11.5. Cuando se usa un volumen hostPath de Kubernetes y se monta un archivo o directorio en un contenedor como de solo lectura, el file/directory es montado como readOnly dentro del contenedor, pero aún puede ser escribible dentro del invitado. • https://github.com/kata-containers/kata-containers/pull/1062 https://github.com/kata-containers/runtime/pull/3042 https://github.com/kata-containers/runtime/pull/3051 https://github.com/kata-containers/runtime/releases/tag/1.11.5 https://github.com/kata-containers/runtime/releases/tag/1.12.0 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0CVE-2020-2023 – Kata Containers - Containers have access to the guest root filesystem device
https://notcve.org/view.php?id=CVE-2020-2023
Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; and Kata Containers 1.9 and earlier versions. Kata Containers no restringe el acceso de los contenedores al dispositivo del sistema de archivos root del invitado. Los contenedores maliciosos pueden explotar esto para obtener la ejecución del código en el invitado y hacerse pasar por el agente de kata. • https://github.com/kata-containers/agent/issues/791 https://github.com/kata-containers/agent/pull/792 https://github.com/kata-containers/runtime/issues/2488 https://github.com/kata-containers/runtime/pull/2477 https://github.com/kata-containers/runtime/pull/2487 https://github.com/kata-containers/runtime/releases/tag/1.10.5 https://github.com/kata-containers/runtime/releases/tag/1.11.1 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-2026 – Kata Containers - Guests can trick the kata-runtime into mounting the container image on any host path
https://notcve.org/view.php?id=CVE-2020-2026
A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for code execution on the host. This issue affects: Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; Kata Containers 1.9 and earlier versions. Un invitado malicioso comprometido antes de la creación de un contenedor (por ejemplo, una imagen maliciosa del invitado o un invitado que ejecuta múltiples contenedores) puede engañar al tiempo de ejecución de kata para que monte el sistema de archivos del contenedor no confiable en cualquier ruta de host, permitiendo potencialmente una ejecución de código en el host. Este problema afecta a: Kata Containers versiones 1.11 anteriores a 1.11.1; Kata Containers versiones 1.10 anteriores a 1.10.5; Kata Containers versiones 1.9 y anteriores • https://github.com/kata-containers/runtime/issues/2712 https://github.com/kata-containers/runtime/pull/2713 https://github.com/kata-containers/runtime/releases/tag/1.10.5 https://github.com/kata-containers/runtime/releases/tag/1.11.1 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2P7FHA4AF6Y6PAVJBTTQPUEHXZQUOF3P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JPBKAQBF3OR72N55GWM2TDYQP2OHK6H https://lists.fedoraproject.org/arc • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-2025 – Kata Containers - Cloud Hypervisor guests persist filesystem changes to the underlying host image file
https://notcve.org/view.php?id=CVE-2020-2025
Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. A malicious guest can overwrite the image file to gain control of all subsequent guest VMs. Since Kata Containers uses the same VM image file with all VMMs, this issue may also affect QEMU and Firecracker based guests. Kata Containers versiones anteriores a 1.11.0, en Cloud Hypervisor persisten cambios del sistema de archivos invitado en el archivo de imagen subyacente en el host. Un invitado malicioso puede sobrescribir el archivo de imagen para conseguir el control de todas las posteriores Máquinas Virtuales invitadas. • https://github.com/kata-containers/runtime/pull/2487 • CWE-281: Improper Preservation of Permissions CWE-284: Improper Access Control •