Описание
An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0. Upon container teardown, a malicious guest can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentiality resulting in a host DoS.
Ссылки
- Third Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.11.0 (исключая)
cpe:2.3:a:katacontainers:runtime:*:*:*:*:*:*:*:*
EPSS
Процентиль: 33%
0.00123
Низкий
6.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-59
CWE-59
Связанные уязвимости
oracle-oval
почти 5 лет назад
ELSA-2020-5766: Unbreakable Enterprise kernel-container kata-image kata-runtime kata kubernetes olcne security update (IMPORTANT)
oracle-oval
почти 5 лет назад
ELSA-2020-5765: Unbreakable Enterprise kernel-container kata-image kata-runtime kata kubernetes kubernetes istio olcne security update (IMPORTANT)
EPSS
Процентиль: 33%
0.00123
Низкий
6.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-59
CWE-59