Description
Publishing here instead of emailing [email protected] since the PoC is public:
https://github.com/bikini/exploitarium/tree/main/docker-cp-copyout-destination-escape
I could reproduce it on latest openSUSE Tumbleweed with Docker v29.4.0, both as root & rootless.
Reproduce
git clone https://github.com/bikini/exploitarium/
cd exploitarium/docker-cp-copyout-destination-escape
chmod +x poc.sh
HOST_BASE=/tmp/docker-cp-copyout-repro ./poc.sh
Expected behavior
No response
docker version
Client:
Version: 29.4.0-ce
API version: 1.54
Go version: go1.26.3
Git commit: daa0cb7f23
Built: Wed May 6 04:59:34 2026
OS/Arch: linux/amd64
Context: default
Server:
Engine:
Version: 29.4.0-ce
API version: 1.54 (minimum version 1.40)
Go version: go1.26.3
Git commit: daa0cb7f23
Built: Wed May 6 04:59:34 2026
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: v1.7.29
GitCommit: 442cb34bda9a6a0fed82a2ca7cade05c5c749582
runc:
Version: 1.4.1
GitCommit: v1.4.1-0-gc67132530367
docker-init:
Version: 0.2.1_catatonit
GitCommit:
docker info
Client:
Version: 29.4.0-ce
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: 0.33.0
Path: /usr/lib/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: 5.1.4
Path: /usr/lib/docker/cli-plugins/docker-compose
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 1
Server Version: 29.4.0-ce
Storage Driver: overlayfs
driver-type: io.containerd.snapshotter.v1
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
CDI spec directories:
/etc/cdi
/var/run/cdi
Swarm: inactive
Runtimes: io.containerd.runc.v2 oci runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 442cb34bda9a6a0fed82a2ca7cade05c5c749582
runc version: v1.4.1-0-gc67132530367
init version:
Security Options:
seccomp
Profile: builtin
selinux
cgroupns
Kernel Version: 7.0.12-1-default
Operating System: openSUSE Tumbleweed
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 31.34GiB
Name: jeos
ID: e5a57fef-02aa-4a79-9810-ced348149e29
Docker Root Dir: /var/lib/docker
Debug Mode: false
Experimental: false
Insecure Registries:
::1/128
127.0.0.0/8
Live Restore Enabled: false
Firewall Backend: iptables+firewalld
ReloadedAt: 2026-06-24T14:28:25+02:00
Additional Info
No response