CVE-2020-2023— Kata Containers - Containers have access to the guest root filesystem device

CVSS 3.8 · Low EPSS 1.76% · P83 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-2023

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Kata Containers - Containers have access to the guest root filesystem device

Source: NVD (National Vulnerability Database)

Vulnerability Description

Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; and Kata Containers 1.9 and earlier versions.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

带着不必要的权限执行

Source: NVD (National Vulnerability Database)

Vulnerability Title

Kata Containers 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Kata Containers是Kata Containers社区的一款开源的轻量级虚拟机构建程序。 Kata Containers 1.11.1之前的1.11版本、1.10.5之前的1.10版本和1.9及之前版本中存在安全漏洞。攻击者可利用该漏洞执行代码和冒充kata代理。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Kata Containers	Kata Containers	1.11 ~ 1.11.1	-

II. Public POCs for CVE-2020-2023

#	POC Description	Source Link	Shenlong Link
1	None	https://github.com/ssst0n3/kata-cve-2020-2023-poc	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-2023

请登录查看更多情报信息。

https://github.com/kata-containers/runtime/pull/2477x_refsource_MISC
https://github.com/kata-containers/runtime/issues/2488x_refsource_MISC
https://github.com/kata-containers/agent/pull/792x_refsource_MISC
https://github.com/kata-containers/runtime/releases/tag/1.11.1x_refsource_MISC
https://github.com/kata-containers/agent/issues/791x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2020-2023

IV. Related Vulnerabilities

Same product: Kata Containers

Same vendor: Kata Containers

Same weakness: CWE-250

V. Comments for CVE-2020-2023

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2020-2023— Kata Containers - Containers have access to the guest root filesystem device

I. Basic Information for CVE-2020-2023

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-2023

III. Intelligence Information for CVE-2020-2023

IV. Related Vulnerabilities

V. Comments for CVE-2020-2023

Leave a comment