{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/moby/moby--28.5.2/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["docker/docker (\u003c= 28.5.2)","moby/moby/v2 (\u003c 2.0.0-beta.14)","moby/moby (\u003c= 28.5.2)"],"_cs_severities":["high"],"_cs_tags":["privilege-escalation","defense-evasion","docker"],"_cs_type":"threat","_cs_vendors":["Docker","Moby"],"content_html":"\u003cp\u003eA race condition vulnerability exists in Docker\u0026rsquo;s \u003ccode\u003edocker cp\u003c/code\u003e command related to the setup of temporary filesystem views when copying files into a container. This flaw, identified as CVE-2026-42306, allows a malicious container to redirect a bind mount target to an arbitrary host path. The vulnerability occurs because, during the setup, a process inside the container can replace the mount destination with a symlink pointing to the host before the mount syscall completes. This can lead to overwriting host files with the volume\u0026rsquo;s contents or causing denial of service by masking the host path. This vulnerability affects \u003ccode\u003edocker/docker\u003c/code\u003e versions up to 28.5.2 and \u003ccode\u003emoby/moby\u003c/code\u003e versions up to 28.5.2 and versions of \u003ccode\u003emoby/moby/v2\u003c/code\u003e prior to 2.0.0-beta.14.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eA container with at least one volume mount is created.\u003c/li\u003e\n\u003cli\u003eA malicious process within the container gains the ability to rapidly create and swap symlinks at the volume mount destination path.\u003c/li\u003e\n\u003cli\u003eThe attacker identifies a target host path for redirection.\u003c/li\u003e\n\u003cli\u003eThe attacker prepares malicious content to overwrite the host path.\u003c/li\u003e\n\u003cli\u003eAn operator initiates a \u003ccode\u003edocker cp\u003c/code\u003e command to copy files into the container.\u003c/li\u003e\n\u003cli\u003eBefore the \u003ccode\u003emount()\u003c/code\u003e syscall completes, the malicious process replaces the mount destination with a symlink pointing to the attacker-controlled host path.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003emount()\u003c/code\u003e syscall follows the symlink, and the volume is bind-mounted to the attacker-controlled host path.\u003c/li\u003e\n\u003cli\u003eDepending on the volume content and permissions, either the host files are overwritten, or the host path is masked, potentially leading to denial of service.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this race condition (CVE-2026-42306) allows a malicious container to redirect a volume bind mount to an arbitrary host path. If the volume is writable, arbitrary host files at the redirected path could be overwritten, leading to data corruption or system compromise. If the volume is read-only, the host path is masked by the mount, causing a denial of service. While the mount is temporary and torn down after the \u003ccode\u003edocker cp\u003c/code\u003e completes, the effects of any writes persist.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to patched versions of \u003ccode\u003ego/github.com/docker/docker\u003c/code\u003e and \u003ccode\u003ego/github.com/moby/moby\u003c/code\u003e to address CVE-2026-42306.\u003c/li\u003e\n\u003cli\u003eOnly run containers from trusted images to minimize the risk of malicious processes exploiting the vulnerability.\u003c/li\u003e\n\u003cli\u003eAvoid using \u003ccode\u003edocker cp\u003c/code\u003e with untrusted running containers to prevent unintended bind mount redirection.\u003c/li\u003e\n\u003cli\u003eImplement authorization plugins to restrict access to the archive API endpoints (\u003ccode\u003ePUT /containers/{id}/archive\u003c/code\u003e, \u003ccode\u003eHEAD /containers/{id}/archive\u003c/code\u003e) as a workaround.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-18T17:54:09Z","date_published":"2026-05-18T17:54:09Z","id":"https://feed.craftedsignal.io/briefs/2026-05-docker-bind-mount-redirection/","summary":"A race condition in Docker's `docker cp` command allows a malicious container to redirect a bind mount target to an arbitrary host path by manipulating symlinks during the setup of temporary filesystem views, potentially overwriting host files or causing denial of service.","title":"Docker Race Condition Allows Bind Mount Redirection to Host Path (CVE-2026-42306)","url":"https://feed.craftedsignal.io/briefs/2026-05-docker-bind-mount-redirection/"},{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Docker (\u003c= 28.5.2)","moby/moby (\u003c= 28.5.2)","moby/moby/v2 (\u003c 2.0.0-beta.14)"],"_cs_severities":["high"],"_cs_tags":["docker","container","rce","privilege-escalation","CVE-2026-41567"],"_cs_type":"threat","_cs_vendors":["Docker","Moby"],"content_html":"\u003cp\u003eA vulnerability, identified as CVE-2026-41567, exists in Docker related to the handling of compressed archives uploaded via the \u003ccode\u003ePUT /containers/{id}/archive\u003c/code\u003e endpoint. When a user uploads a compressed archive into a container, a malicious image can execute arbitrary code with daemon (host root) privileges. The vulnerability stems from the Docker daemon incorrectly resolving decompression binaries from the container\u0026rsquo;s filesystem instead of the host\u0026rsquo;s when handling \u003ccode\u003ePUT /containers/{id}/archive\u003c/code\u003e requests with compressed archives. This allows a container image containing a trojanized decompression binary (e.g., xz or gzip) to achieve code execution as the daemon process whenever a compressed archive is uploaded to that container. This issue affects Docker versions up to 28.5.2, moby/moby versions up to 28.5.2, and go/github.com/moby/moby/v2 versions prior to 2.0.0-beta.14.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker crafts a malicious Docker image containing a trojanized decompression binary (e.g., \u003ccode\u003exz\u003c/code\u003e or \u003ccode\u003egzip\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eThe attacker deploys the malicious Docker image to a system.\u003c/li\u003e\n\u003cli\u003eA user runs a container from the malicious image.\u003c/li\u003e\n\u003cli\u003eThe user uploads a compressed archive (either xz or gzip) into the container. This can be achieved by piping a compressed archive via \u003ccode\u003edocker cp -\u003c/code\u003e or by calling the \u003ccode\u003ePUT /containers/{id}/archive\u003c/code\u003e API directly with compressed content.\u003c/li\u003e\n\u003cli\u003eWhen processing the \u003ccode\u003ePUT /containers/{id}/archive\u003c/code\u003e request, the Docker daemon attempts to decompress the archive.\u003c/li\u003e\n\u003cli\u003eDue to the vulnerability, the Docker daemon executes the trojanized decompression binary from within the container\u0026rsquo;s filesystem instead of using a trusted host binary.\u003c/li\u003e\n\u003cli\u003eThe trojanized decompression binary executes arbitrary code with the privileges of the Docker daemon, which includes host root privileges.\u003c/li\u003e\n\u003cli\u003eThe attacker gains control of the host system.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability leads to arbitrary code execution as host root, effectively bypassing the container-to-host trust boundary. This allows an attacker to gain full control of the host system, potentially leading to data exfiltration, system compromise, or other malicious activities.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Docker version 28.5.3 or later to remediate CVE-2026-41567.\u003c/li\u003e\n\u003cli\u003eApply available patches for \u003ccode\u003ego/github.com/moby/moby/v2\u003c/code\u003e before version 2.0.0-beta.14 to remediate CVE-2026-41567.\u003c/li\u003e\n\u003cli\u003eImplement authorization plugins to restrict access to the \u003ccode\u003ePUT /containers/{id}/archive\u003c/code\u003e endpoint, as recommended in the overview.\u003c/li\u003e\n\u003cli\u003eAvoid piping compressed archives into containers created from untrusted images, as discussed in the conditions for exploitation.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-18T17:47:42Z","date_published":"2026-05-18T17:47:42Z","id":"https://feed.craftedsignal.io/briefs/2026-05-docker-archive-rce/","summary":"A vulnerability exists in Docker where a malicious container image can execute arbitrary code with host root privileges by exploiting the decompression of compressed archives uploaded via the `PUT /containers/{id}/archive` endpoint, tracked as CVE-2026-41567.","title":"Docker `PUT /containers/{id}/archive` Vulnerability Allows Host Root Code Execution","url":"https://feed.craftedsignal.io/briefs/2026-05-docker-archive-rce/"}],"language":"en","title":"CraftedSignal Threat Feed — Moby/Moby (\u003c= 28.5.2)","version":"https://jsonfeed.org/version/1.1"}