Описание
Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. A malicious guest can overwrite the image file to gain control of all subsequent guest VMs. Since Kata Containers uses the same VM image file with all VMMs, this issue may also affect QEMU and Firecracker based guests.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.11.0 (исключая)
cpe:2.3:a:katacontainers:runtime:*:*:*:*:*:*:*:*
EPSS
Процентиль: 15%
0.00047
Низкий
8.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-284
CWE-281
Связанные уязвимости
oracle-oval
почти 5 лет назад
ELSA-2020-5766: Unbreakable Enterprise kernel-container kata-image kata-runtime kata kubernetes olcne security update (IMPORTANT)
oracle-oval
почти 5 лет назад
ELSA-2020-5765: Unbreakable Enterprise kernel-container kata-image kata-runtime kata kubernetes kubernetes istio olcne security update (IMPORTANT)
EPSS
Процентиль: 15%
0.00047
Низкий
8.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-284
CWE-281