Lucene search
Redhat.comRH:CVE-2020-14316HistoryJul 28, 2020 - 4:11 p.m.
CVE-2020-14316
2020-07-2816:11:30
redhat.com
access.redhat.com
8
0.001 Low
EPSS
Percentile
37.0%
A flaw was found in kubevirt 0.29 and earlier. Virtual Machine Instances (VMIs) can be used to gain access to the host’s filesystem. Successful exploitation allows an attacker to assume the privileges of the VM process on the host system. In worst-case scenarios an attacker can read and modify any file on the system where the VMI is running. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Mitigation
This flaw can be partially or completely mitigated by leveraging existing mechanisms to restrict the VMI process such as running as non-root and using SELinux and sVirt whenever possible.
Related
nvd
nvd
CVE-2020-14316
2020-07-29 19:15:14
osv
osv
CVE-2020-14316
2020-07-29 19:15:14
Privilege Escalation in kubevirt
2024-04-24 20:54:37
Privilege Escalation in kubevirt in kubevirt.io/kubevirt
2024-06-04 15:19:21
github
github
Privilege Escalation in kubevirt
2024-04-24 20:54:37
cvelist
cvelist
CVE-2020-14316
2020-07-29 18:48:23
prion
prion
Design/Logic Flaw
2020-07-29 19:15:00
veracode
veracode
Privilege Escalation
2024-04-25 06:38:23
cve
cve
CVE-2020-14316
2020-07-29 19:15:14
redhat
redhat