CVE-2020-2024 - OpenCVE

An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0. Upon container teardown, a malicious guest can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentiality resulting in a host DoS.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:L/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Katacontainers	Runtime

Configuration 1 [-]

cpe:2.3:a:katacontainers:runtime:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/kata-containers/runtime/issues/2474
https://github.com/kata-containers/runtime/pull/2475

History

No history.

MITRE

Status: PUBLISHED

Assigner: palo_alto

Published: 2020-05-19T21:05:19.715098Z

Updated: 2024-09-17T01:01:22.908Z

Reserved: 2019-12-04T00:00:00

Link: CVE-2020-2024

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-05-19T21:15:10.070

Modified: 2020-05-21T17:13:02.130

Link: CVE-2020-2024

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Kata Containers", "vendor": "Kata Containers", "versions": [{"lessThan": "1.11.0", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "configurations": [{"lang": "en", "value": "Affects QEMU and Cloud Hypervisor guests on the default configuration."}], "credits": [{"lang": "en", "value": "Yuval Avrahami, Palo Alto Networks"}], "datePublic": "2020-05-19T00:00:00", "descriptions": [{"lang": "en", "value": "An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0. Upon container teardown, a malicious guest can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentiality resulting in a host DoS."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-59", "description": "CWE-59 Improper Link Resolution Before File Access ('Link Following')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-05-19T21:05:19", "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/kata-containers/runtime/issues/2474"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/kata-containers/runtime/pull/2475"}], "source": {"discovery": "EXTERNAL"}, "title": "Kata Containers - Guests can trick the kata-runtime into unmounting any mount point on the host", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@paloaltonetworks.com", "DATE_PUBLIC": "2020-05-19T16:00:00.000Z", "ID": "CVE-2020-2024", "STATE": "PUBLIC", "TITLE": "Kata Containers - Guests can trick the kata-runtime into unmounting any mount point on the host"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Kata Containers", "version": {"version_data": [{"version_affected": "<", "version_value": "1.11.0"}]}}]}, "vendor_name": "Kata Containers"}]}}, "configuration": [{"lang": "en", "value": "Affects QEMU and Cloud Hypervisor guests on the default configuration."}], "credit": [{"lang": "eng", "value": "Yuval Avrahami, Palo Alto Networks"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0. Upon container teardown, a malicious guest can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentiality resulting in a host DoS."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-59 Improper Link Resolution Before File Access ('Link Following')"}]}]}, "references": {"reference_data": [{"name": "https://github.com/kata-containers/runtime/issues/2474", "refsource": "MISC", "url": "https://github.com/kata-containers/runtime/issues/2474"}, {"name": "https://github.com/kata-containers/runtime/pull/2475", "refsource": "MISC", "url": "https://github.com/kata-containers/runtime/pull/2475"}]}, "source": {"discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T06:54:00.588Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/kata-containers/runtime/issues/2474"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/kata-containers/runtime/pull/2475"}]}]}, "cveMetadata": {"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "assignerShortName": "palo_alto", "cveId": "CVE-2020-2024", "datePublished": "2020-05-19T21:05:19.715098Z", "dateReserved": "2019-12-04T00:00:00", "dateUpdated": "2024-09-17T01:01:22.908Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:katacontainers:runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "6D33AE8C-B850-4A56-B7F2-8D9CD0839E83", "versionEndExcluding": "1.11.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0. Upon container teardown, a malicious guest can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentiality resulting in a host DoS."}, {"lang": "es", "value": "Una vulnerabilidad de resoluci\u00f3n de enlace inapropiada afecta a Kata Containers versiones anteriores a 1.11.0. Tras el desmontaje del contenedor, un invitado malicioso puede enga\u00f1ar al kata-runtime para que desmonte cualquier punto de montaje en el host y todos los puntos de montaje debajo de \u00e9l, lo que puede generar una DoS del host."}], "id": "CVE-2020-2024", "lastModified": "2020-05-21T17:13:02.130", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 4.0, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}, "published": "2020-05-19T21:15:10.070", "references": [{"source": "psirt@paloaltonetworks.com", "tags": ["Third Party Advisory"], "url": "https://github.com/kata-containers/runtime/issues/2474"}, {"source": "psirt@paloaltonetworks.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/kata-containers/runtime/pull/2475"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-59"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}