cve/CVE-2020-2023.md at 02b2e6ec35cdb7986441d4aba09d9792f0abaf03

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-07 11:06:19 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; and Kata Containers 1.9 and earlier versions.

POC

Reference

https://github.com/kata-containers/runtime/pull/2477

Github

https://github.com/Metarget/metarget
https://github.com/brant-ruan/awesome-container-escape
https://github.com/ssst0n3/kata-cve-2020-2023-poc

1.0 KiB Raw Blame History

CVE-2020-2023

Description

POC

Reference

Github

1.0 KiB

Raw Blame History