Skip to main content
CVE Vulnerability Database
Vulnerability Database/CVE-2026-41579

CVE-2026-41579: Linuxfoundation Runc Path Traversal Bug

CVE-2026-41579 is a path traversal vulnerability in Linuxfoundation Runc that allows malicious container images to delete host files or create symlinks in arbitrary directories. This article covers technical details, affected versions, impact, and mitigation steps.

Published:

CVE-2026-41579 Overview

CVE-2026-41579 is a symlink handling vulnerability in runc, the CLI tool for spawning and running containers according to the Open Container Initiative (OCI) specification. During container rootfs setup, the setupPtmx and setupDevSymlinks functions call os.Remove and os.Symlink using paths constructed with filepath.Join. A malicious container image that ships /dev as a symlink can trick runc into deleting host files named ptmx or creating a hardcoded set of symlinks in an arbitrary pre-existing host directory. The flaw is classified under [CWE-61: UNIX Symbolic Link (Symlink) Following]. Docker is not exploitable because its top-level read-only layer masks the malicious /dev symlink, but other higher-level runtimes built on runc remain exposed.

Critical Impact

A crafted container image can cause runc to remove host files named ptmx or plant symlinks in existing host directories, enabling tampering with host filesystem state outside the container boundary.

Affected Products

  • runc versions prior to 1.3.6
  • runc 1.4.0-rc.1 through 1.4.0-rc.12
  • runc 1.5.0-rc.1 and 1.5.0-rc.2

Discovery Timeline

  • 2026-07-01 - CVE-2026-41579 published to NVD
  • 2026-07-02 - Last updated in NVD database

Technical Details for CVE-2026-41579

Vulnerability Analysis

The vulnerability resides in the rootfs initialization path of runc. When preparing the container filesystem, runc calls setupPtmx and setupDevSymlinks to create device nodes and symbolic links under /dev inside the container rootfs. Both routines build target paths using filepath.Join(rootfs, "/dev/...") and then invoke os.Remove and os.Symlink on the resulting string. Because filepath.Join performs only lexical path cleaning, it does not resolve intermediate symlinks. If a malicious image ships /dev itself as a symlink pointing outside the rootfs, the operations follow that symlink to the host filesystem. This lets an image-controlled attacker delete files named ptmx in an attacker-chosen host directory or create the fixed set of /dev symlinks (such as fd, stdin, stdout, stderr, core) with predetermined names and targets in that directory.

Root Cause

The root cause is unsafe path construction that does not enforce rootfs containment. filepath.Join returns a lexical path but does not guarantee the result stays within the intended root. When /dev in the container image is a symlink, subsequent filesystem syscalls resolve it against the host, breaking the rootfs boundary [CWE-61].

Attack Vector

Exploitation requires an attacker to supply a malicious container image and induce a vulnerable higher-level runtime built on runc to run it. Docker is not affected because it overlays a read-only layer that masks a malicious /dev symlink. Other runtimes that do not apply the same masking allow the crafted image to redirect the file operations performed during rootfs setup, resulting in host-side file deletion or symlink creation with limited integrity impact.

go
// Security patch: add splitPath validation to reject bad trailing components
// Source: https://github.com/opencontainers/runc/commit/864db8042dbb

func splitPath(path string) (dirPath, filename string, err error) {
    dirPath, filename = filepath.Split(path)
    if filepath.Join("/", filename) == "/" {
        return "", "", fmt.Errorf("root subpath %q has bad trailing component %q", path, filename)
    }
    return dirPath, filename, nil
}

The upstream fix reworks /dev initialization to be file-descriptor based, using pathrs-lite and securejoin primitives to resolve paths safely within the rootfs rather than relying on lexical joins.

Detection Methods for CVE-2026-41579

Indicators of Compromise

  • Unexpected deletion of host files named ptmx in directories where container runtimes have write access.
  • Newly created symlinks in host directories matching the fixed /dev symlink set (fd, stdin, stdout, stderr, core) with targets pointing into /proc/self/fd.
  • Container images whose /dev entry in the image layer is a symlink rather than a directory.
  • Runtime logs from containerd, CRI-O, or other runc-based runtimes showing rootfs setup against images with unusual /dev layout.

Detection Strategies

  • Scan container image layers before deployment and flag any image where /dev is present as a symbolic link or non-directory inode.
  • Enable filesystem audit rules on hosts running container workloads to log unlink and symlink syscalls originating from runc processes targeting paths outside the rootfs.
  • Compare installed runc versions across the fleet against the fixed releases 1.3.6, 1.4.3, and 1.5.0.

Monitoring Recommendations

  • Monitor runc binary versions across all container hosts and Kubernetes nodes using package inventory or SBOM tooling.
  • Track image registry pushes for images containing symlinked top-level directories, particularly /dev, /proc, and /sys.
  • Alert on file integrity changes to host paths that contain files named ptmx outside expected locations such as /dev/pts.

How to Mitigate CVE-2026-41579

Immediate Actions Required

  • Upgrade runc to version 1.3.6, 1.4.3, or 1.5.0 on all container hosts, Kubernetes worker nodes, and CI build agents.
  • Audit higher-level runtimes such as containerd, CRI-O, and podman to confirm they package a patched runc.
  • Restrict container image sources to trusted registries and require image signing to reduce exposure to malicious images.

Patch Information

The issue is fixed in runc versions 1.3.6, 1.4.3, and 1.5.0. The upstream fix is tracked in GitHub Security Advisory GHSA-xjvp-4fhw-gc47 and implemented in commit 864db8042dbb, which refactors /dev initialization to use file-descriptor based path resolution.

Workarounds

  • Run workloads exclusively under Docker, which masks malicious /dev symlinks with a read-only top layer and is not exploitable.
  • Block or reject container images whose top-level /dev entry is a symlink during registry admission or CI scanning.
  • Apply mandatory access control policies (SELinux or AppArmor) that constrain runc write access on the host filesystem outside expected rootfs locations.
bash
# Verify the installed runc version is patched
runc --version

# Debian/Ubuntu
sudo apt-get update && sudo apt-get install --only-upgrade runc

# RHEL/CentOS/Fedora
sudo dnf update runc

# Confirm containerd is using the patched runc
containerd --version && runc --version

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.