2 matches found
CVE-2020-2025
CVE-2020-2025 affects Kata Containers before 1.11.0 on Cloud Hypervisor. The issue lets a malicious guest persist or overwrite the underlying image file, potentially gaining control of subsequent VMs. Because Kata uses a shared VM image across VMMs, this may also impact QEMU and Firecracker based...
CVE-2020-2024
CVE-2020-2024 affects Kata Containers prior to 1.11.0. The vulnerability is an improper link resolution in kata-runtime that a malicious guest can exploit to trick the host into unmounting any mount point (and sub-mounts) on the host, potentially causing a host DoS. Impact is described as HIGH av...