Bergwolf

**Name of the Vulnerable Software and Affected Versions** Kata Containers versions prior to 1.11.1 Kata Containers versions prior to 1.10.5 Kata Containers version 1.9 and earlier **Description** A malicious guest compromised before a container creation, such as a malicious guest image or a guest running multiple containers, can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for code execution on the host. **Recommendations** For Kata Containers versions prior to 1.11.1, update to version 1.11.1 or later. For Kata Containers versions prior to 1.10.5, update to version 1.10.5 or later. For Kata Containers version 1.9 and earlier, update to a version later than 1.9.

**Name of the Vulnerable Software and Affected Versions** Kata Containers versions prior to 1.11.0 **Description** The issue is related to an improper link resolution, which can be exploited by a malicious guest upon container teardown. This can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentially resulting in a host Denial of Service (DoS). **Recommendations** For versions prior to 1.11.0, update to version 1.11.0 or later to resolve the issue.