Skip to main content
CVE Vulnerability Database
Vulnerability Database/CVE-2026-42306

CVE-2026-42306: Docker Engine Race Condition Vulnerability

CVE-2026-42306 is a race condition flaw in Docker Engine that allows malicious containers to redirect bind mounts and overwrite host files. This article covers technical details, affected versions, and mitigation.

Published:

CVE-2026-42306 Overview

CVE-2026-42306 is a race condition vulnerability in Moby and Docker Engine that affects the docker cp command. A malicious container can exploit a time-of-check time-of-use (TOCTOU) window during mount setup to redirect a bind mount target to an arbitrary host path. Successful exploitation allows attackers to overwrite host files or trigger denial of service conditions on the host system. The flaw is tracked under CWE-61: UNIX Symbolic Link (Symlink) Following and impacts Docker Engine versions 28.5.2 and prior, plus Moby Daemon versions prior to 2.0.0-beta.14.

Critical Impact

Local attackers with container access can overwrite arbitrary host files, escape container isolation boundaries, and cause denial of service against the Docker host.

Affected Products

  • Docker Engine prior to version 29.5.1
  • Moby Daemon versions 28.5.2 and prior
  • Moby Daemon v2 versions prior to 2.0.0-beta.14

Discovery Timeline

  • 2026-06-12 - CVE-2026-42306 published to NVD
  • 2026-06-17 - Last updated in NVD database

Technical Details for CVE-2026-42306

Vulnerability Analysis

The vulnerability resides in the docker cp mount setup logic within the Docker Daemon. When docker cp initiates a file copy operation between the host and a container, the daemon establishes a bind mount targeting a path inside the container's filesystem. A malicious container can manipulate filesystem entries between the path resolution check and the actual mount syscall.

This TOCTOU window lets the container substitute symbolic links that redirect the bind mount target outside the container root. Because the daemon runs as root on the host, the redirected mount inherits privileged access to arbitrary host paths. Attackers can then write to sensitive host files such as /etc/shadow, systemd unit files, or kernel module configuration paths.

Root Cause

The root cause is improper synchronization between path validation and mount execution. The daemon resolves the target path in the container namespace, then performs the mount in a separate operation without ensuring path immutability. A cooperating process inside the container swaps the directory for a symlink during this gap, satisfying [CWE-61] symlink-following conditions.

Attack Vector

Exploitation requires local access through a container the attacker controls. The attacker must time a symlink swap to coincide with a docker cp operation involving the malicious container. While attack complexity is high due to the race window, repeated attempts increase success probability. The result is host file overwrite, which can escalate to host compromise or daemon crash.

No public proof-of-concept exploit code is currently available. Refer to the Moby GitHub Security Advisory GHSA-rg2x-37c3-w2rh for upstream technical details.

Detection Methods for CVE-2026-42306

Indicators of Compromise

  • Unexpected modifications to host files outside standard Docker storage paths such as /var/lib/docker
  • Symbolic links inside container filesystems pointing to host paths like /etc, /root, or /usr/bin
  • Repeated docker cp operations targeting the same container in rapid succession
  • Docker daemon errors or crashes correlated with container copy operations

Detection Strategies

  • Monitor Docker daemon audit logs for docker cp invocations involving untrusted containers
  • Inspect container layers for symlinks that resolve to sensitive host paths before runtime
  • Deploy Linux Audit (auditd) rules on mount syscalls originating from the Docker daemon process
  • Correlate file integrity monitoring alerts on host system directories with container lifecycle events

Monitoring Recommendations

  • Enable Docker daemon logging at debug level for environments accepting untrusted images
  • Implement file integrity monitoring on /etc, /usr/bin, /usr/sbin, and systemd directories
  • Track Moby and Docker Engine versions across the container infrastructure to identify unpatched hosts
  • Alert on container processes performing rapid symlink creation in mount target directories

How to Mitigate CVE-2026-42306

Immediate Actions Required

  • Upgrade Docker Engine to version 29.5.1 or later on all affected hosts
  • Upgrade Moby Daemon to version 2.0.0-beta.14 or later for v2 deployments
  • Audit which users and workloads can execute docker cp against untrusted containers
  • Restrict container deployments to trusted images until patching is complete

Patch Information

The issue is fixed in Docker Engine 29.5.1 and Moby Daemon 2.0.0-beta.14. The patch closes the TOCTOU window by validating mount target paths atomically during mount setup. Full remediation guidance is published in the Moby GitHub Security Advisory GHSA-rg2x-37c3-w2rh.

Workarounds

  • Avoid using docker cp against containers running untrusted or attacker-controlled workloads
  • Run untrusted containers under user namespaces to limit the impact of host file overwrites
  • Use rootless Docker where feasible to reduce daemon privilege on the host
  • Apply mandatory access control profiles such as AppArmor or SELinux to constrain container filesystem operations
bash
# Verify Docker Engine version after patching
docker version --format '{{.Server.Version}}'

# Enable rootless Docker as a hardening measure
dockerd-rootless-setuptool.sh install

# Example AppArmor enforcement for container workloads
docker run --security-opt apparmor=docker-default <image>

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.