This vulnerability was fixed in Kata Containers 3.31.0:

https://github.com/kata-containers/kata-containers/releases/tag/3.31.0
https://github.com/kata-containers/kata-containers/commit/555b7738fe2f699af6d57712cf75330f012b4e3b

Description:

In the runtime-rs standalone virtio-fs path, Kata Containers runs virtiofsd as root with --sandbox none --seccomp none. If an attacker has root-equivalent execution inside the Kata guest VM, they can send raw FUSE requests directly to the host virtiofsd. Then, a raw FUSE_SYMLINK request whose new symlink name is an absolute host path is honored outside the virtio-fs shared directory. This lets guest root create host-root-owned symlinks in sensitive host paths.

CVE: CVE-2026-47243
GHSA: GHSA-2gv2-cffp-j227
Original report: https://github.com/kata-containers/kata-containers/security/advisories/GHSA-2gv2-cffp-j227

---
Aurelien Bombo
Kata Containers Vulnerability Management Team
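
A host-side check for the launch configuration described above, as an added example that is not part of the advisory or of Kata Containers' code: it flags running virtiofsd processes whose command line carries --sandbox none or --seccomp none, and notes when they run as root. The function names are chosen here, and the owner of /proc/<pid> is used as an approximation of the process's effective UID.

```python
import os

# Launch settings the advisory names as the vulnerable configuration.
RISKY = {"--sandbox": "none", "--seccomp": "none"}

def option_values(argv):
    """Return {option: value}, accepting '--opt value' and '--opt=value'."""
    found = {}
    i = 1
    while i < len(argv):
        name, sep, value = argv[i].partition("=")
        if name in RISKY:
            if not sep and i + 1 < len(argv):
                value = argv[i + 1]  # value is the next argument
                i += 1
            found[name] = value
        i += 1
    return found

def audit_argv(argv, euid):
    """List the advisory's risk conditions present in one virtiofsd command line."""
    if not argv or os.path.basename(argv[0]) != "virtiofsd":
        return []
    opts = option_values(argv)
    issues = [f"{o} {v}" for o, v in RISKY.items() if opts.get(o) == v]
    if issues and euid == 0:
        issues.append("runs as root")
    return issues

def scan_proc(proc="/proc"):
    """Audit every live process; returns {pid: issues} for flagged virtiofsd instances."""
    flagged = {}
    for pid in filter(str.isdigit, os.listdir(proc)):
        try:
            with open(f"{proc}/{pid}/cmdline", "rb") as f:
                argv = f.read().decode(errors="replace").rstrip("\0").split("\0")
            euid = os.stat(f"{proc}/{pid}").st_uid  # assumption: owner ~ effective UID
        except OSError:
            continue  # process exited or is not readable
        issues = audit_argv(argv, euid)
        if issues:
            flagged[int(pid)] = issues
    return flagged

if __name__ == "__main__":
    for pid, issues in sorted(scan_proc().items()):
        print(f"pid {pid}: virtiofsd started with {', '.join(issues)}")
```

Run it as root on the container host so every process's cmdline is readable; an empty result means no running virtiofsd matched the settings named in the advisory.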
