Описание
Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; and Kata Containers 1.9 and earlier versions.
Ссылки
- Third Party Advisory
- Patch
- PatchThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Release NotesThird Party Advisory
- Release NotesThird Party Advisory
- Third Party Advisory
- Patch
- PatchThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Release NotesThird Party Advisory
- Release NotesThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.9 (включая)Версия от 1.10 (включая) до 1.10.5 (исключая)Версия от 1.11 (включая) до 1.11.1 (исключая)
Одно из
cpe:2.3:a:katacontainers:runtime:*:*:*:*:*:*:*:*
cpe:2.3:a:katacontainers:runtime:*:*:*:*:*:*:*:*
cpe:2.3:a:katacontainers:runtime:*:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02375
Низкий
3.8 Low
CVSS3
6.3 Medium
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-250
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 9.8
github
почти 4 года назад
Improper Privilege Management and Execution with Unnecessary Privileges in Kata Containers
EPSS
Процентиль: 85%
0.02375
Низкий
3.8 Low
CVSS3
6.3 Medium
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-250
NVD-CWE-noinfo