Unrated severityNVD Advisory· Published May 19, 2020· Updated Sep 16, 2024
Kata Containers - Cloud Hypervisor guests persist filesystem changes to the underlying host image file
CVE-2020-2025
Description
Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. A malicious guest can overwrite the image file to gain control of all subsequent guest VMs. Since Kata Containers uses the same VM image file with all VMMs, this issue may also affect QEMU and Firecracker based guests.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<1.11.0+ 1 more
- (no CPE)range: <1.11.0
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
1- github.com/kata-containers/runtime/pull/2487mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.