Docker, Race Condition, CVE-2026-42306 (High)

Listen to this Post

How the CVE works (technical)

  1. When `docker cp` copies data into a container, the daemon builds a temporary filesystem view.
  2. It bind‑mounts the container’s volumes into a private mount namespace.
  3. For each volume, the mount destination is resolved inside the container root using GetResourcePath.
  4. If the destination does not exist, `createIfNotExists` is called to create the mountpoint (a file or directory).
  5. Between path resolution and the actual creation, a malicious container process can swap a path component with a symlink.
  6. The symlink points to an arbitrary absolute path on the host filesystem (e.g., /etc/docker/daemon.json).
  7. The `createIfNotExists` function uses `os.MkdirAll` and `os.OpenFile` on the already‑resolved absolute path.
  8. These functions follow symlinks in every intermediate directory component.
  9. Because the race window is exploited, the symlink is followed outside the container root.
  10. As a result, an empty file or directory is created on the host filesystem, running with root privileges.
  11. The temporary mount namespace and the bind‑mount are only torn down after `docker cp` completes.
  12. However, the newly created empty file/directory persists on the host.
  13. This is a pure creation primitive – existing host files cannot be overwritten or read.
  14. The vulnerability requires the container to have at least one volume mount.
  15. The container process must be able to rapidly create and swap symlinks at the destination path.
  16. The attack is triggered when an operator runs `docker cp` into the container, or calls the archive API endpoints.
  17. The flaw is a classic Time‑Of‑Check‑Time‑Of‑Use (TOCTOU) race condition.
  18. It exists because the daemon trusts the path resolution result after the container has already changed the filesystem.
  19. The patch introduces `os.Root` (Go 1.24+) which refuses to follow symlinks that escape the opened root directory.
  20. All filesystem operations are now performed through that `os.Root` handle, confining creations to the container.

dailycve form

Platform: Docker
Version: ≤28.5.2
Vulnerability: Race condition
Severity: High
date: 2026‑05‑18

Prediction: May 18,2026

Analytics under heading What Undercode Say:

Monitor for symlink‑swap attempts inside containers
auditctl -a always,exit -F arch=b64 -S symlink,rename -S mkdir -k symlink_race
Log all `docker cp` operations
docker events --filter event=exec_start --filter type=container | grep -E "docker cp|/archive"

How Exploit:

Inside the malicious container (simplified race loop)
while true; do
ln -sf /etc/docker/daemon.json /mnt/volume/some/path/target
Trigger `docker cp` from outside while this loop runs
done
The `createIfNotExists` call will then follow the symlink and create
an empty directory at `/etc/docker/daemon.json` on the host.

Protection from this CVE

  • Upgrade to Docker `v28.5.3` or any version with the os.Root‑based patch.
  • Never run `docker cp` against untrusted containers.
  • Use an authorization plugin to block `PUT /containers/{id}/archive` and HEAD /containers/{id}/archive.
  • Run containers without volume mounts when possible.

Impact

  • A malicious container can create empty files/directories anywhere on the host as root.
  • Converting `/etc/docker/daemon.json` into a directory prevents the daemon from restarting.
  • Creating `/etc/nologin` blocks all user logins on the host.
  • Overwriting critical system paths breaks host services (persistent DoS).
  • Read/write access to existing host files is not granted – only creation of new empty entries.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top