CVE-2020-28914 - OpenCVE

An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When using a Kubernetes hostPath volume and mounting either a file or directory into a container as readonly, the file/directory is mounted as readOnly inside the container, but is still writable inside the guest. For a container breakout situation, a malicious guest can potentially modify or delete files/directories expected to be read-only.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:N/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Katacontainers	Kata-containers

Configuration 1 [-]

cpe:2.3:a:katacontainers:kata-containers:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/kata-containers/kata-containers/pull/1062
https://github.com/kata-containers/runtime/pull/3042
https://github.com/kata-containers/runtime/pull/3051
https://github.com/kata-containers/runtime/releases/tag/1.11.5
https://github.com/kata-containers/runtime/releases/tag/1.12.0

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-11-17T21:23:33

Updated: 2024-08-04T16:41:00.143Z

Reserved: 2020-11-17T00:00:00

Link: CVE-2020-28914

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-11-17T22:15:12.387

Modified: 2020-12-04T15:25:33.877

Link: CVE-2020-28914

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When using a Kubernetes hostPath volume and mounting either a file or directory into a container as readonly, the file/directory is mounted as readOnly inside the container, but is still writable inside the guest. For a container breakout situation, a malicious guest can potentially modify or delete files/directories expected to be read-only."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-11-17T21:23:33", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/kata-containers/kata-containers/pull/1062"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/kata-containers/runtime/pull/3042"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/kata-containers/runtime/pull/3051"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/kata-containers/runtime/releases/tag/1.12.0"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.5"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-28914", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When using a Kubernetes hostPath volume and mounting either a file or directory into a container as readonly, the file/directory is mounted as readOnly inside the container, but is still writable inside the guest. For a container breakout situation, a malicious guest can potentially modify or delete files/directories expected to be read-only."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/kata-containers/kata-containers/pull/1062", "refsource": "MISC", "url": "https://github.com/kata-containers/kata-containers/pull/1062"}, {"name": "https://github.com/kata-containers/runtime/pull/3042", "refsource": "MISC", "url": "https://github.com/kata-containers/runtime/pull/3042"}, {"name": "https://github.com/kata-containers/runtime/pull/3051", "refsource": "MISC", "url": "https://github.com/kata-containers/runtime/pull/3051"}, {"name": "https://github.com/kata-containers/runtime/releases/tag/1.12.0", "refsource": "MISC", "url": "https://github.com/kata-containers/runtime/releases/tag/1.12.0"}, {"name": "https://github.com/kata-containers/runtime/releases/tag/1.11.5", "refsource": "MISC", "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.5"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T16:41:00.143Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/kata-containers/kata-containers/pull/1062"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/kata-containers/runtime/pull/3042"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/kata-containers/runtime/pull/3051"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/kata-containers/runtime/releases/tag/1.12.0"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.5"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-28914", "datePublished": "2020-11-17T21:23:33", "dateReserved": "2020-11-17T00:00:00", "dateUpdated": "2024-08-04T16:41:00.143Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:katacontainers:kata-containers:*:*:*:*:*:*:*:*", "matchCriteriaId": "F0AA3993-8AEF-41CB-B05A-CCB3166028B7", "versionEndExcluding": "1.11.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When using a Kubernetes hostPath volume and mounting either a file or directory into a container as readonly, the file/directory is mounted as readOnly inside the container, but is still writable inside the guest. For a container breakout situation, a malicious guest can potentially modify or delete files/directories expected to be read-only."}, {"lang": "es", "value": "Una vulnerabilidad de permisos de archivo inapropiados afecta a Kata Containers versiones anteriores a 1.11.5. Cuando se usa un volumen hostPath de Kubernetes y se monta un archivo o directorio en un contenedor como de solo lectura, el file/directory es montado como readOnly dentro del contenedor, pero a\u00fan puede ser escribible dentro del invitado. Para una situaci\u00f3n de fuga de contenedor, un invitado malicioso puede modificar o eliminar files/directories que se espera sean de solo lectura"}], "id": "CVE-2020-28914", "lastModified": "2020-12-04T15:25:33.877", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.6, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-11-17T22:15:12.387", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/kata-containers/kata-containers/pull/1062"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/kata-containers/runtime/pull/3042"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/kata-containers/runtime/pull/3051"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.5"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/kata-containers/runtime/releases/tag/1.12.0"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "nvd@nist.gov", "type": "Primary"}]}