CVE-2020-2023

LOW

Kata Containers <1.11.1, <1.10.5, <=1.9 - RCE

Title source: llm

Description

Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; and Kata Containers 1.9 and earlier versions.

Exploits (1)

nomisec WORKING POC 3 stars

by ssst0n3 · poc

https://github.com/ssst0n3/kata-cve-2020-2023-poc

View Code ZIP pw:eip

References (7)

[Third Party Advisory] https://github.com/kata-containers/agent/issues/791

[Patch] https://github.com/kata-containers/agent/pull/792

[Patch, Third Party Advisory] https://github.com/kata-containers/runtime/issues/2488

[Patch, Third Party Advisory] https://github.com/kata-containers/runtime/pull/2477

[Patch, Third Party Advisory] https://github.com/kata-containers/runtime/pull/2487

[Release Notes, Third Party Advisory] https://github.com/kata-containers/runtime/releases/tag/1.10.5

[Release Notes, Third Party Advisory] https://github.com/kata-containers/runtime/releases/tag/1.11.1

Scores

CVSS v3 3.8

EPSS 0.0176

EPSS Percentile 82.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

Details

CWE

CWE-250

Status published

Products (3)

kata-containers/agent 0 - 1.9.1Go

kata-containers/runtime 0 - 1.9.1Go

katacontainers/runtime < 1.9

Published Jun 10, 2020

Tracked Since Feb 18, 2026