Kostya-Oai

**Name of the Vulnerable Software and Affected Versions** Kata Containers versions prior to 3.27.0 **Description** Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines (VMs) that perform like containers. An issue in Kata with Cloud Hypervisor allows a user of the container to modify the file system used by the Guest micro VM, potentially achieving arbitrary code execution as root within the guest VM. The issue does not impact the security of the Host or other containers/VMs running on the same Host. Exploitation requires the `CAP MKNOD` capability. This allows a malicious actor to elevate privileges within the guest virtual machine and gain full control of the guest environment. **Recommendations** Upgrade to Kata Containers version 3.27.0 or later.