12 matches found
CVE-2026-41326
A flaw was found in Kata Containers. An oversight in the CopyFile policy and perhaps the CopyFile handler allows untrusted hosts to write to arbitrary locations inside the guest workload image. This can be used to overwrite binaries inside the guest and exfiltrate data from containers; even those...
GHSA-Q49M-57VM-C8CC Kata Container has CopyFile Policy Subversion via Symlinks
Summary An oversight in the CopyFile policy and perhaps the CopyFile handler allows untrusted hosts to write to arbitrary locations inside the guest workload image. This can be used to overwrite binaries inside the guest and exfiltrate data from containers; even those running inside CVMs. Details...
Kata Container has CopyFile Policy Subversion via Symlinks
Summary An oversight in the CopyFile policy and perhaps the CopyFile handler allows untrusted hosts to write to arbitrary locations inside the guest workload image. This can be used to overwrite binaries inside the guest and exfiltrate data from containers; even those running inside CVMs. Details...
Contras Affected by CopyFile Policy Subversion via Symlinks
Impact The Kata agent policies generated by the Contrast CLI had an issue in the CopyFile verification, which allowed arbitrary writes to the guest root filesytem. A malicious process on the host with the capability to connect to the Kata agent VSOCK could connect to the agent and issue a series ...
GHSA-RH99-WC69-C255 Contras Affected by CopyFile Policy Subversion via Symlinks
Impact The Kata agent policies generated by the Contrast CLI had an issue in the CopyFile verification, which allowed arbitrary writes to the guest root filesytem. A malicious process on the host with the capability to connect to the Kata agent VSOCK could connect to the agent and issue a series ...
CVE-2026-41326
Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. From v3.4.0 to v3.28.0, an oversight in the CopyFile policy and perhaps the CopyFile handler allows untrusted hosts to write to arbitrary locations...
CVE-2026-41326 Kata Containers: CopyFile Policy Subversion via Symlinks
Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. From v3.4.0 to v3.28.0, an oversight in the CopyFile policy and perhaps the CopyFile handler allows untrusted hosts to write to arbitrary locations...
CVE-2026-41326 Kata Containers: CopyFile Policy Subversion via Symlinks
Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. From v3.4.0 to v3.28.0, an oversight in the CopyFile policy and perhaps the CopyFile handler allows untrusted hosts to write to arbitrary locations...
CVE-2026-41326
Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. From v3.4.0 to v3.28.0, an oversight in the CopyFile policy and perhaps the CopyFile handler allows untrusted hosts to write to arbitrary locations...
CVE-2026-41326
Kata Containers CVE-2026-41326 affects versions v3.4.0–v3.28.0 due to an oversight in the CopyFile policy/handler that allows untrusted hosts to write to arbitrary locations inside the guest workload image. This can overwrite binaries inside the guest and exfiltrate data from containers, includin...
EUVD-2026-25611
Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. From v3.4.0 to v3.28.0, an oversight in the CopyFile policy and perhaps the CopyFile handler allows untrusted hosts to write to arbitrary locations...
PT-2026-35062
Name of the Vulnerable Software and Affected Versions Kata Containers versions 3.4.0 through 3.28.0 Description An oversight in the CopyFile policy and potentially the CopyFile handler allows untrusted hosts to write to arbitrary locations within the guest workload image. This flaw can be exploit...