Description
Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines (VMs) that perform like containers. In versions prior to 3.27.0, an issue in Kata with Cloud Hypervisor allows a user of the container to modify the file system used by the Guest micro VM ultimately achieving arbitrary code execution as root in said VM. The current understanding is this doesn’t impact the security of the Host or of other containers / VMs running on that Host (note that arm64 QEMU lacks NVDIMM read-only support: It is believed that until the upstream QEMU gains this capability, a guest write could reach the image file). Version 3.27.0 patches the issue.
Published: 2026-02-19
Score: 9.4 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Privilege escalation enabling root execution within the guest micro VM
Action: Patch
AI Analysis

Impact

Kata Containers, a lightweight virtual machine implementation for containers, contains a flaw in its use of Cloud Hypervisor that allows a user of a container to modify the filesystem used by the guest micro VM. This privilege escalation can be abused to execute arbitrary code with root privileges inside the guest VM, giving full control over that virtual machine.

Affected Systems

All versions of Kata Containers older than 3.27.0 are affected. Based on the description, it is inferred that the vulnerability applies to all host architectures. The vulnerability is tied to the Cloud Hypervisor component and does not impact the security of the host system or other containers and VMs running on the same host.

Risk and Exploitability

The CVSS score of 9.4 designates this flaw as critical, while the EPSS score of less than 1% indicates a very low current exploitation probability. The vulnerability is not listed in the CISA KEV catalog. An attacker would need to run within the compromised container; the attack does not extend to the host or other isolated workloads, but it allows full control of the guest VM’s environment.

Generated by OpenCVE AI on April 18, 2026 at 11:46 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Kata Containers to version 3.27.0 or later, which includes the Cloud Hypervisor fix.
  • If an immediate update cannot be performed, isolate the container environment and restrict filesystem permissions for the guest VM to prevent unauthorized modifications.
  • Consider disabling or removing the Cloud Hypervisor component as a temporary plug‑in to mitigate the risk until an official patch is applied.

Generated by OpenCVE AI on April 18, 2026 at 11:46 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-wwj6-vghv-5p64 Kata Container to Guest micro VM privilege escalation
History

Thu, 26 Feb 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

 ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 23 Feb 2026 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Katacontainers kata Containers
CPEs cpe:2.3:a:katacontainers:kata_containers:*:*:*:*:*:*:*:*
Vendors & Products Katacontainers kata Containers

Fri, 20 Feb 2026 12:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-281
References
Metrics threat_severity

None

 threat_severity

Important

Fri, 20 Feb 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Katacontainers
Katacontainers kata-containers
Vendors & Products Katacontainers
Katacontainers kata-containers

Fri, 20 Feb 2026 01:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 19 Feb 2026 16:30:00 +0000

Type Values Removed Values Added
Description Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines (VMs) that perform like containers. In versions prior to 3.27.0, an issue in Kata with Cloud Hypervisor allows a user of the container to modify the file system used by the Guest micro VM ultimately achieving arbitrary code execution as root in said VM. The current understanding is this doesn’t impact the security of the Host or of other containers / VMs running on that Host (note that arm64 QEMU lacks NVDIMM read-only support: It is believed that until the upstream QEMU gains this capability, a guest write could reach the image file). Version 3.27.0 patches the issue.
Title Kata Container to Guest micro VM privilege escalation
Weaknesses CWE-732
References
Metrics cvssV3_1

{'score': 9.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H'}

Subscriptions

Katacontainers Kata-containers Kata Containers
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-02-26T14:44:14.454Z

Reserved: 2026-01-27T14:51:03.058Z

Link: CVE-2026-24834

cve-icon Vulnrichment

Updated: 2026-02-19T20:57:47.167Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-19T17:24:49.823

Modified: 2026-02-23T20:15:54.893

Link: CVE-2026-24834

cve-icon Redhat

Severity : Important

Publid Date: 2026-02-19T15:57:50Z

Links: CVE-2026-24834 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T12:00:05Z

Weaknesses