vulnerability
Oracle Linux: CVE-2020-2025: ELSA-2020-5766: Unbreakable Enterprise kernel-container kata-image kata-runtime kata kubernetes olcne security update (IMPORTANT)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:N/C:P/I:P/A:P) | May 19, 2020 | Jul 23, 2020 | Dec 3, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published
May 19, 2020
Added
Jul 23, 2020
Modified
Dec 3, 2025
Description
Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. A malicious guest can overwrite the image file to gain control of all subsequent guest VMs. Since Kata Containers uses the same VM image file with all VMMs, this issue may also affect QEMU and Firecracker based guests.
Solutions
oracle-linux-upgrade-kataoracle-linux-upgrade-kata-imageoracle-linux-upgrade-kata-runtimeoracle-linux-upgrade-kernel-uek-containeroracle-linux-upgrade-kubeadmoracle-linux-upgrade-kubectloracle-linux-upgrade-kubeletoracle-linux-upgrade-olcne-agentoracle-linux-upgrade-olcne-api-serveroracle-linux-upgrade-olcnectloracle-linux-upgrade-olcne-nginxoracle-linux-upgrade-olcne-utils
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.