CVEs-PoC/2020/CVE-2020-2024.md

### [CVE-2020-2024](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2024)
![](https://img.shields.io/static/v1?label=Product&message=Kata%20Containers&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3C%201.11.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen)

### Description

An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0. Upon container teardown, a malicious guest can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentiality resulting in a host DoS.

### POC

#### Reference
- https://github.com/kata-containers/runtime/issues/2474

#### Github
No PoCs found on GitHub currently.