CVE-2026-24834

Name of the Vulnerable Software and Affected Versions Kata Containers versions prior to 3.27.0

Description Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines (VMs) that perform like containers. An issue in Kata with Cloud Hypervisor allows a user of the container to modify the file system used by the Guest micro VM, potentially achieving arbitrary code execution as root within the guest VM. The issue does not impact the security of the Host or other containers/VMs running on the same Host. Exploitation requires the CAP MKNOD capability. This allows a malicious actor to elevate privileges within the guest virtual machine and gain full control of the guest environment.

Recommendations Upgrade to Kata Containers version 3.27.0 or later.