CVE-2020-28914
Published: Nov 17, 2020
Modified: Aug 4, 2024
PUBLISHED
Description
An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When a Kubernetes hostPath volume is used to mount a file or directory into a container as read-only, the file/directory is mounted read-only inside the container but is still writable inside the guest. In a container breakout situation, a malicious guest can potentially modify or delete files/directories expected to be read-only.
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | affected n/a |
References
https://github.com/kata-containers/kata-containers/pull/1062
x_refsource_MISC
https://github.com/kata-containers/runtime/pull/3042
x_refsource_MISC
https://github.com/kata-containers/runtime/pull/3051
x_refsource_MISC
https://github.com/kata-containers/runtime/releases/tag/1.12.0
x_refsource_MISC
https://github.com/kata-containers/runtime/releases/tag/1.11.5
x_refsource_MISC