Improper Privilege Management in Runtime - CVE-2020-2023
Published: June 10, 2020 / Updated: May 9, 2023
Vulnerability identifier: #VU34359
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P/U:Clear
CVE-ID: CVE-2020-2023
CWE-ID: CWE-269
Exploitation vector: Local access
Exploit availability:
Public exploit is available
Vendor: Kata Containers
Affected software:
Runtime
Runtime
Detailed vulnerability description
The vulnerability allows a local authenticated user to read and manipulate data.
Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; and Kata Containers 1.9 and earlier versions.
How to mitigate CVE-2020-2023
Install update from vendor's website.
Sources
- https://github.com/kata-containers/agent/issues/791
- https://github.com/kata-containers/agent/pull/792
- https://github.com/kata-containers/runtime/issues/2488
- https://github.com/kata-containers/runtime/pull/2477
- https://github.com/kata-containers/runtime/pull/2487
- https://github.com/kata-containers/runtime/releases/tag/1.10.5
- https://github.com/kata-containers/runtime/releases/tag/1.11.1