Bug 1848294 (CVE-2020-2026) - CVE-2020-2026 kata-containers: Possibility to mount untrusted container filesystem on any host path leads to Remote Code Execution
Summary: CVE-2020-2026 kata-containers: Possibility to mount untrusted container files...
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2020-2026
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1848295 1848296 1848297 1848298 1848300 1848301
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-06-18 07:49 UTC by Marian Rehak
Modified: 2021-10-28 05:26 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2021-10-28 05:26:42 UTC
Embargoed:

Attachments (Terms of Use)

Description Marian Rehak 2020-06-18 07:49:26 UTC 
A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for code execution on the host. This issue affects: Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; Kata Containers 1.9 and earlier versions.

Upstream Issue:

https://github.com/kata-containers/runtime/issues/2712
Comment 1 Marian Rehak 2020-06-18 07:50:17 UTC 
Created kata-agent tracking bugs for this issue:

Affects: fedora-31 [bug 1848295]


Created kata-ksm-throttler tracking bugs for this issue:

Affects: fedora-31 [bug 1848296]


Created kata-osbuilder tracking bugs for this issue:

Affects: fedora-31 [bug 1848297]


Created kata-proxy tracking bugs for this issue:

Affects: fedora-31 [bug 1848298]


Created kata-runtime tracking bugs for this issue:

Affects: fedora-31 [bug 1848300]


Created kata-shim tracking bugs for this issue:

Affects: fedora-31 [bug 1848301]
Note You need to log in before you can comment on or make changes to this bug.