CNNVD-202509-3640 Information
CNNVD ID
CNNVD-202509-3640
Related CVE
- CNNVD Published: 2025-09-23
Description (Chinese)
Kata Containers是Kata Containers社区的一款开源的轻量级虚拟机构建程序。 Kata Containers 3.20.0及之前版本存在代码问题漏洞,该漏洞源于恶意主机可绕过initdata验证,可能导致攻击者启动任意工作负载并成功验证。
Description (English)
Kata Containers is an open-source, lightweight virtual institution for the Kata Containers community. Cata Containers 3.2.0 and earlier versions had a code gap, which stemmed from the fact that the malicious mainframe could bypass initdata certification, which could lead to the attackers initiating an arbitrary load and successfully verifying.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
Kata Containers
Published
2025-09-23
Last Modified
2026-02-24
References
https://github.com/kata-containers/kata-containers/commit/3e67f92e34be974e792c153add76e4e4baac9de0 https://github.com/kata-containers/kata-containers/security/advisories/GHSA-989w-4xr2-ww9m
Patch
https://github.com/kata-containers/kata-containers/releases/tag/3.21.0
Share on: