Advisory GHSA-2gv2-cffp-j227 references a vulnerability in the following Go modules:
Description:
Summary
In the runtime-rs standalone virtio-fs path, verified here with QEMU (and verified with Cloud Hypervisor too), Kata Containers runs host virtiofsd as root with:
--sandbox none --seccomp none
If an attacker has root-equivalent execution inside the Kata guest VM, they can send raw FUSE requests directly to the host virtiofsd. With the tested runtime-rs virtio-fs configuration, a raw FUSE_SYMLINK request whose new symlink name is an absolute host path is honored outside the virtio-fs shared directory.
This lets guest root create host-root owned symlinks in sensitive ...
References:
Cross references:
- github.com/kata-containers/kata-containers appears in 1 other report(s):
See doc/quickstart.md for instructions on how to triage this report.
id: GO-ID-PENDING
modules:
    - module: github.com/kata-containers/kata-containers
      versions:
          - fixed: 0.0.0-20260519062212-ffa59ce3aa78
summary: 'Kata guest escape: runtime-rs guest-root to host-root escape via virtiofs in github.com/kata-containers/kata-containers'
cves:
    - CVE-2026-47243
ghsas:
    - GHSA-2gv2-cffp-j227
references:
    - advisory: https://github.com/advisories/GHSA-2gv2-cffp-j227
    - advisory: https://github.com/kata-containers/kata-containers/security/advisories/GHSA-2gv2-cffp-j227
    - fix: https://github.com/kata-containers/kata-containers/commit/ffa59ce3aa7877d067c9a372df0c329a23a01744
    - web: https://github.com/kata-containers/kata-containers/releases/tag/3.31.0
notes:
    - fix: 'github.com/kata-containers/kata-containers: could not add vulnerable_at: cannot auto-guess when fixed version is 0.0.0 pseudo-version'
source:
    id: GHSA-2gv2-cffp-j227
    created: 2026-05-27T23:01:18.999150173Z
review_status: UNREVIEWED