Description
Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via `PUT /containers/{id}/archive` or piped through `docker cp -`, the daemon resolves decompression binaries (such as `xz` or `unpigz`) from the container's filesystem rather than the host's due to incorrect ordering of operations. A malicious container image containing a trojanized decompression binary can achieve arbitrary code execution with full daemon privileges, including host root UID and unrestricted capabilities, when a user uploads a compressed (xz or gzip) archive into that container. This issue is fixed in Docker Engine 29.5.1 and moby/moby v2.0.0-beta.14. Workarounds include only running containers from trusted images, using authorization plugins to restrict access to the `PUT /containers/{id}/archive` endpoint, and avoiding piping compressed archives into containers created from untrusted images.
Published: 2026-06-05
Score: 7.2 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This vulnerability allows an attacker who can get a compressed archive uploaded into a Docker container to cause the Docker daemon to execute a decompression binary located inside the container rather than the host's benign binary. The daemon orders its operations incorrectly and resolves the binary path from the container filesystem. If the container image contains a trojanized decompression binary such as a malicious xz or unpigz, the daemon runs that binary with the same privileges it holds itself, resulting in full daemon privileges: root UID and unrestricted capabilities on the host.

Affected Systems

Affected vendors and products include Docker Engine (docker/daemon) and Moby (moby/v2/daemon). Versions prior to Docker Engine 29.5.1 and Moby v2.0.0-beta.14 are vulnerable. The issue applies to any container run by an affected daemon that receives a compressed archive via the REST API endpoint or through docker cp piped input.

Risk and Exploitability

The CVSS base score is 7.2, indicating high severity. EPSS is unavailable, and the vulnerability is not yet listed in the CISA KEV catalog. The attack vector is local or remote depending on whether the attacker can invoke the Docker REST API or use docker cp; exploitation requires that a compressed archive be uploaded into a container built from the malicious image. Exploitation is therefore possible on systems where the daemon runs untrusted containers or where images are not verified, and it could lead to widespread host compromise if the vulnerability is triggered.

Generated by OpenCVE AI on June 5, 2026 at 03:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Docker Engine to 29.5.1 or later, or Moby to 2.0.0-beta.14 or later.
  • If an upgrade is not possible, configure an authorization plugin that denies the PUT /containers/{id}/archive endpoint for untrusted containers.
  • Ensure that all images used to run containers are trusted, and avoid uploading compressed archives to containers built from untrusted images.

Generated by OpenCVE AI on June 5, 2026 at 03:21 UTC.
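The second recommended action above (an authorization plugin that denies the archive upload endpoint) is the only workaround that holds without trusting every image. As an added illustration, not code from Moby, Docker or OpenCVE, the following is a minimal Docker authorization plugin written against the documented authz plugin protocol (`/Plugin.Activate`, `/AuthZPlugin.AuthZReq`, `/AuthZPlugin.AuthZRes`). It denies `PUT /containers/{id}/archive` for every caller and allows all other requests. The plugin name `deny-archive-put`, its socket path, and the sample request bodies in the test are assumptions made for this example.

```go
package main

// Added example (not code from Moby, Docker or OpenCVE): a Docker authorization
// plugin that denies PUT /containers/{id}/archive, the endpoint involved in
// CVE-2026-41567, and allows everything else. The plugin name
// "deny-archive-put" and its socket path are assumptions for this example.

import (
	"encoding/json"
	"io"
	"log"
	"net"
	"net/http"
	"os"
	"regexp"
)

// Fields of the AuthZReq body that this policy needs; the daemon also sends
// UserAuthNMethod, RequestBody and RequestHeaders, which are ignored here.
type authZRequest struct {
	User          string `json:"User"`
	RequestMethod string `json:"RequestMethod"`
	RequestURI    string `json:"RequestUri"`
}

// Response body the daemon expects from both AuthZReq and AuthZRes.
type authZResponse struct {
	Allow bool   `json:"Allow"`
	Msg   string `json:"Msg,omitempty"`
	Err   string `json:"Err,omitempty"`
}

// Matches /containers/{id}/archive with or without a /v1.NN API version
// prefix and with or without a query string (docker cp sends ?path=...).
var archiveEndpoint = regexp.MustCompile(`^(/v[0-9]+\.[0-9]+)?/containers/[^/]+/archive(\?.*)?$`)

// authzDecision is the policy: deny PUT to the archive endpoint, allow the rest.
func authzDecision(method, uri string) (bool, string) {
	if method == http.MethodPut && archiveEndpoint.MatchString(uri) {
		return false, "PUT /containers/{id}/archive denied by policy (CVE-2026-41567 mitigation)"
	}
	return true, ""
}

// handleAuthZReqBody decodes one AuthZReq body and returns the encoded decision.
// A body that cannot be parsed is denied rather than allowed (fail closed).
func handleAuthZReqBody(body []byte) ([]byte, error) {
	var req authZRequest
	if err := json.Unmarshal(body, &req); err != nil {
		return json.Marshal(authZResponse{Allow: false, Err: "malformed AuthZReq: " + err.Error()})
	}
	allow, msg := authzDecision(req.RequestMethod, req.RequestURI)
	if !allow {
		log.Printf("denied user=%q %s %s", req.User, req.RequestMethod, req.RequestURI)
	}
	return json.Marshal(authZResponse{Allow: allow, Msg: msg})
}

func main() {
	const sock = "/run/docker/plugins/deny-archive-put.sock" // assumed plugin name
	mux := http.NewServeMux()
	// Handshake: advertise the "authz" subsystem to the daemon.
	mux.HandleFunc("/Plugin.Activate", func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
		w.Write([]byte(`{"Implements": ["authz"]}`))
	})
	// Request phase: the decision that blocks the vulnerable endpoint.
	mux.HandleFunc("/AuthZPlugin.AuthZReq", func(w http.ResponseWriter, r *http.Request) {
		body, err := io.ReadAll(io.LimitReader(r.Body, 4<<20))
		if err != nil {
			http.Error(w, err.Error(), http.StatusBadRequest)
			return
		}
		out, _ := handleAuthZReqBody(body)
		w.Header().Set("Content-Type", "application/json")
		w.Write(out)
	})
	// Response phase: nothing to filter on the way back, allow.
	mux.HandleFunc("/AuthZPlugin.AuthZRes", func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("Content-Type", "application/json")
		w.Write([]byte(`{"Allow": true}`))
	})
	os.Remove(sock) // clear a stale socket left by a previous run
	l, err := net.Listen("unix", sock)
	if err != nil {
		log.Fatal(err)
	}
	log.Fatal(http.Serve(l, mux))
}
```

Registered with `dockerd --authorization-plugin=deny-archive-put`, the plugin is consulted before every API call, and the daemon honours a deny regardless of which client made the request, so both the raw `PUT` and `docker cp` into a container are stopped. The cost is that all uploads into containers are blocked, compressed or not: the plugin cannot inspect the tar body to tell the two apart, so this is a stopgap until the daemon is upgraded to a fixed version, not a replacement for the upgrade.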

Advisories

  • Source: GitHub GHSA
    ID: GHSA-x86f-5xw2-fm2r
    Title: Docker: `PUT /containers/{id}/archive` executes container binary on the host

History

Fri, 05 Jun 2026 14:30:00 +0000

  • Type: Metrics
    Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 05 Jun 2026 10:45:00 +0000

  • Type: First Time appeared
    Values Added: Moby; Moby moby
  • Type: Vendors & Products
    Values Added: Moby; Moby moby

Fri, 05 Jun 2026 01:30:00 +0000

  • Type: Description
    Values Added: Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via `PUT /containers/{id}/archive` or piped through `docker cp -`, the daemon resolves decompression binaries (such as `xz` or `unpigz`) from the container's filesystem rather than the host's due to incorrect ordering of operations. A malicious container image containing a trojanized decompression binary can achieve arbitrary code execution with full daemon privileges, including host root UID and unrestricted capabilities, when a user uploads a compressed (xz or gzip) archive into that container. This issue is fixed in Docker Engine 29.5.1 and moby/moby v2.0.0-beta.14. Workarounds include only running containers from trusted images, using authorization plugins to restrict access to the `PUT /containers/{id}/archive` endpoint, and avoiding piping compressed archives into containers created from untrusted images.
  • Type: Title
    Values Added: Docker: `PUT /containers/{id}/archive` executes container binary on the host
  • Type: Weaknesses
    Values Added: CWE-427
  • Type: References
    Values Added: (none listed)
  • Type: Metrics
    Values Added: cvssV3_1 {'score': 7.2, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N'}

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-05T13:11:47.568Z

Reserved: 2026-04-21T14:15:21.957Z

Link: CVE-2026-41567

Vulnrichment

Updated: 2026-06-05T13:11:42.359Z

NVD

Status: Undergoing Analysis

Published: 2026-06-05T02:17:13.817

Modified: 2026-06-05T16:01:30.983

Link: CVE-2026-41567

Red Hat

No data.

OpenCVE Enrichment

Updated: 2026-06-05T10:07:07Z

Weaknesses