CVE-2020-2024

An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0. Upon container teardown, a malicious guest can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentiality resulting in a host DoS.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:katacontainers:runtime:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-05-19 21:15

Updated : 2024-02-28 17:47


NVD link : CVE-2020-2024

Mitre link : CVE-2020-2024

CVE.ORG link : CVE-2020-2024


JSON object : View

Products Affected

katacontainers

  • runtime
CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')