Skip to main content

Kata Containers CVE-2026-24834

CRITICAL
Incorrect Permission Assignment for Critical Resource (CWE-732)
2026-02-19 security-advisories@github.com GHSA-wwj6-vghv-5p64
Privilege Escalation RCE Kata Containers Red Hat Suse
9.3
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
9.3 CRITICAL
AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
SUSE
CRITICAL
qualitative
Red Hat
9.3 HIGH
qualitative

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Analysis Generated
Mar 12, 2026 - 22:03 vuln.today
PoC Detected
Feb 23, 2026 - 20:15 vuln.today
Public exploit code
Patch released
Feb 23, 2026 - 20:15 nvd
Patch available
CVE Published
Feb 19, 2026 - 17:24 nvd
CRITICAL 9.3

DescriptionGitHub Advisory

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines (VMs) that perform like containers. In versions prior to 3.27.0, an issue in Kata with Cloud Hypervisor allows a user of the container to modify the file system used by the Guest micro VM ultimately achieving arbitrary code execution as root in said VM. The current understanding is this doesn’t impact the security of the Host or of other containers / VMs running on that Host (note that arm64 QEMU lacks NVDIMM read-only support: It is believed that until the upstream QEMU gains this capability, a guest write could reach the image file). Version 3.27.0 patches the issue.

AnalysisAI

Incorrect permissions in Kata Containers allow container escape via file permission manipulation. PoC and patch available.

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain local container access
Exploit
Modify guest VM file system
Execution
Inject malicious code
Impact
Execute arbitrary commands as root in VM
Sign in to reveal

Vulnerability AssessmentAI

Exploitation Kata Containers prior to 3.27.0 with Cloud Hypervisor backend; local container user access required; arm64 QEMU deployments lack NVDIMM read-only protection, increasing vulnerability exposure Additional conditions and limiting factors are described in the full assessment.
Risk Assessment CVSS 9.3. Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario Container escapes via permission manipulation.
Remediation Apply security update. Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Recommended ActionAI

Within 24 hours: inventory all systems running Kata Containers versions prior to 3.27.0 and assess which environments host untrusted workloads. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Critical
Product Status
openSUSE Leap 15.6 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP5 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP6 Fixed
openSUSE Leap 15.5 Fixed

Share

CVE-2026-24834 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy