From 7a43405a79537f803ce747551fee457fbda11475 Mon Sep 17 00:00:00 2001 From: rcmadhankumar Date: Tue, 9 Jun 2026 15:40:00 +0530 Subject: [PATCH 4/4] CVE-2026-41567: daemon: Decompress archives before entering container filesystem -- MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit CVE-2026-41567 Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via `PUT /containers/{id}/archive` or piped through `docker cp -`, the daemon resolves decompression binaries (such as `xz` or `unpigz`) from the container's filesystem rather than the host's due to incorrect ordering of operations. A malicious container image containing a trojanized decompression binary can achieve arbitrary code execution with full daemon privileges, including host root UID and unrestricted capabilities, when a user uploads a compressed (xz or gzip) archive into that container. This issue is fixed in Docker Engine 29.5.1 and moby/moby v2.0.0-beta.14. Workarounds include only running containers from trusted images, using authorization plugins to restrict access to the `PUT /containers/{id}/archive` endpoint, and avoiding piping compressed archives into containers created from untrusted images Fix: daemon: Decompress archives before entering container filesystem Move decompression outside RunInFS to prevent executing attacker-controlled binaries from within the container filesystem. When dockerd handles `PUT /containers/{id}/archive`, it switches root into the container's filesystem before extracting the archive. Previously, archive.Untar was called inside RunInFS, which meant decompression binaries (xz, unpigz) were resolved via PATH inside the container's filesystem. A malicious binary at /usr/bin/xz in the container would be executed as host root. Fix by calling decompressing the archive before entering the container filesystem, then using unpacking the uncompressed tar stream inside RunInFS. This ensures decompression binaries are always resolved from the host filesystem. Signed-off-by: Paweł Gronowski Fixes bsc#1267827 Fixes CVE-2026-41567 Backport of