{"containers": {"cna": {"affected": [{"product": "Kata Containers", "vendor": "Kata Containers", "versions": [{"lessThan": "1.11.1", "status": "affected", "version": "1.11", "versionType": "custom"}, {"lessThan": "1.10.5", "status": "affected", "version": "1.10", "versionType": "custom"}, {"lessThanOrEqual": "1.9", "status": "affected", "version": "1", "versionType": "custom"}]}], "configurations": [{"lang": "en", "value": "Affects QEMU and Cloud Hypervisor based guests."}], "credits": [{"lang": "en", "value": "Yuval Avrahami, Palo Alto Networks"}], "datePublic": "2020-06-10T00:00:00", "descriptions": [{"lang": "en", "value": "A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for code execution on the host. This issue affects: Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; Kata Containers 1.9 and earlier versions."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-59", "description": "CWE-59 Improper Link Resolution Before File Access ('Link Following')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-11-05T03:06:14", "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"}, {"tags": ["x_refsource_MISC"], "url": 
"https://github.com/kata-containers/runtime/releases/tag/1.10.5"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/kata-containers/runtime/issues/2712"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/kata-containers/runtime/pull/2713"}, {"name": "FEDORA-2020-7a0b6071a4", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJAMOVB7DSOGX7J26QH5HZKU7GSSX2VU/"}, {"name": "FEDORA-2020-2f5879aeb6", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JPBKAQBF3OR72N55GWM2TDYQP2OHK6H/"}, {"name": "FEDORA-2020-c33083813d", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6W5MKF7HSAIL2AX2BX6RV4WWVGUIKVLS/"}, {"name": "FEDORA-2020-1af9cd8c87", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWACJQSMY5BVDMVTF3FBN7HZSOSFOG3Q/"}, {"name": "FEDORA-2020-61fcf3ffc7", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNJHSSPCKUGJDVXXIXK2JUWCRJDQX7CE/"}, {"name": "FEDORA-2020-15a1bde727", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2P7FHA4AF6Y6PAVJBTTQPUEHXZQUOF3P/"}], "source": {"discovery": "EXTERNAL"}, "title": "Kata Containers - Guests can trick the kata-runtime into mounting the container image on any host path", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@paloaltonetworks.com", "DATE_PUBLIC": "2020-06-10T16:00:00.000Z", "ID": "CVE-2020-2026", "STATE": "PUBLIC", 
"TITLE": "Kata Containers - Guests can trick the kata-runtime into mounting the container image on any host path"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Kata Containers", "version": {"version_data": [{"version_affected": "<", "version_name": "1.11", "version_value": "1.11.1"}, {"version_affected": "<", "version_name": "1.10", "version_value": "1.10.5"}, {"version_affected": "<=", "version_name": "1", "version_value": "1.9"}]}}]}, "vendor_name": "Kata Containers"}]}}, "configuration": [{"lang": "en", "value": "Affects QEMU and Cloud Hypervisor based guests."}], "credit": [{"lang": "eng", "value": "Yuval Avrahami, Palo Alto Networks"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for code execution on the host. 
This issue affects: Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; Kata Containers 1.9 and earlier versions."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-59 Improper Link Resolution Before File Access ('Link Following')"}]}]}, "references": {"reference_data": [{"name": "https://github.com/kata-containers/runtime/releases/tag/1.11.1", "refsource": "MISC", "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"}, {"name": "https://github.com/kata-containers/runtime/releases/tag/1.10.5", "refsource": "MISC", "url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"}, {"name": "https://github.com/kata-containers/runtime/issues/2712", "refsource": "MISC", "url": "https://github.com/kata-containers/runtime/issues/2712"}, {"name": "https://github.com/kata-containers/runtime/pull/2713", "refsource": "MISC", "url": "https://github.com/kata-containers/runtime/pull/2713"}, {"name": "FEDORA-2020-7a0b6071a4", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJAMOVB7DSOGX7J26QH5HZKU7GSSX2VU/"}, {"name": "FEDORA-2020-2f5879aeb6", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JPBKAQBF3OR72N55GWM2TDYQP2OHK6H/"}, {"name": "FEDORA-2020-c33083813d", "refsource": "FEDORA", "url": 
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6W5MKF7HSAIL2AX2BX6RV4WWVGUIKVLS/"}, {"name": "FEDORA-2020-1af9cd8c87", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWACJQSMY5BVDMVTF3FBN7HZSOSFOG3Q/"}, {"name": "FEDORA-2020-61fcf3ffc7", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNJHSSPCKUGJDVXXIXK2JUWCRJDQX7CE/"}, {"name": "FEDORA-2020-15a1bde727", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2P7FHA4AF6Y6PAVJBTTQPUEHXZQUOF3P/"}]}, "source": {"discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T06:54:00.553Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/kata-containers/runtime/issues/2712"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/kata-containers/runtime/pull/2713"}, {"name": "FEDORA-2020-7a0b6071a4", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJAMOVB7DSOGX7J26QH5HZKU7GSSX2VU/"}, {"name": "FEDORA-2020-2f5879aeb6", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JPBKAQBF3OR72N55GWM2TDYQP2OHK6H/"}, {"name": "FEDORA-2020-c33083813d", "tags": ["vendor-advisory", 
"x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6W5MKF7HSAIL2AX2BX6RV4WWVGUIKVLS/"}, {"name": "FEDORA-2020-1af9cd8c87", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWACJQSMY5BVDMVTF3FBN7HZSOSFOG3Q/"}, {"name": "FEDORA-2020-61fcf3ffc7", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNJHSSPCKUGJDVXXIXK2JUWCRJDQX7CE/"}, {"name": "FEDORA-2020-15a1bde727", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2P7FHA4AF6Y6PAVJBTTQPUEHXZQUOF3P/"}]}]}, "cveMetadata": {"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "assignerShortName": "palo_alto", "cveId": "CVE-2020-2026", "datePublished": "2020-06-10T17:27:46.151024Z", "dateReserved": "2019-12-04T00:00:00", "dateUpdated": "2024-09-16T19:35:42.559Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}