Description
Gitea act_runner with the Docker backend (through act 0.262.0) passes a workflow's container.options string to the Docker job container's HostConfig and, when configured with privileged: false, forces only the Privileged flag off while merging options such as --pid=host, --cap-add, and --security-opt unchanged. A user who can run a workflow on a Docker-backed runner can create a job container with host namespaces and broad capabilities and escape to the host as root despite privileged mode being disabled.
Published: 2026-06-28
Score: 9.4 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability resides in Gitea's act_runner component when using the Docker backend, in act through version 0.262.0. The runner passes a workflow's container.options string into the Docker job container's HostConfig; with privileged: false it forces only the Privileged flag off and merges options such as --pid=host, --cap-add, and --security-opt unchanged. A user who can run a workflow on such a runner can therefore start a job container that shares host namespaces and holds added capabilities, which is enough to escape to the host with root privileges even though privileged mode is disabled.
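
To make the merge behaviour concrete, here is an added Go example; it is not act_runner's or act's own code, and HostConfig, parseOptions, vulnerableMerge and hardenedMerge are illustrative names over a simplified model of the Docker HostConfig fields involved. It parses a workflow-style container.options string, shows the weak merge that clears only Privileged, and a hardened merge of the kind the recommended actions call for that refuses host namespaces, capability additions and profile-relaxing --security-opt values when privileged is false. It goes slightly beyond the options named in the description by also treating --ipc=host and --network=host as host-namespace requests.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// HostConfig is a simplified stand-in for the Docker HostConfig fields that
// matter here (illustrative; not moby's or act's types).
type HostConfig struct {
	Privileged  bool
	PidMode     string
	IpcMode     string
	NetworkMode string
	CapAdd      []string
	SecurityOpt []string
}

// parseOptions turns a docker-run style option string such as
// "--pid=host --cap-add SYS_ADMIN --security-opt seccomp=unconfined"
// into a HostConfig. Both "--flag=value" and "--flag value" forms are
// accepted; options outside the modelled set are ignored.
func parseOptions(opts string) HostConfig {
	var hc HostConfig
	fields := strings.Fields(opts)
	for i := 0; i < len(fields); i++ {
		name, value := fields[i], ""
		if eq := strings.IndexByte(name, '='); eq >= 0 {
			name, value = name[:eq], name[eq+1:]
		} else if i+1 < len(fields) && !strings.HasPrefix(fields[i+1], "-") {
			switch name { // flags that take a separate argument
			case "--pid", "--ipc", "--network", "--net", "--cap-add", "--security-opt":
				i++
				value = fields[i]
			}
		}
		switch name {
		case "--privileged":
			hc.Privileged = true
		case "--pid":
			hc.PidMode = value
		case "--ipc":
			hc.IpcMode = value
		case "--network", "--net":
			hc.NetworkMode = value
		case "--cap-add":
			hc.CapAdd = append(hc.CapAdd, value)
		case "--security-opt":
			hc.SecurityOpt = append(hc.SecurityOpt, value)
		}
	}
	return hc
}

// vulnerableMerge models the behaviour the advisory describes: with
// privileged: false only the Privileged flag is forced off, and every other
// option from container.options reaches the job container unchanged.
func vulnerableMerge(opts string, privileged bool) HostConfig {
	hc := parseOptions(opts)
	hc.Privileged = privileged
	return hc
}

// hardenedMerge refuses, rather than silently keeps, any option that would
// hand the job container host namespaces, extra capabilities or a weakened
// security profile while privileged is false. Only the hardening value
// no-new-privileges is allowed for --security-opt, since seccomp=, apparmor=,
// label= and systempaths= values can all loosen confinement.
func hardenedMerge(opts string, privileged bool) (HostConfig, error) {
	hc := parseOptions(opts)
	hc.Privileged = privileged
	if privileged {
		return hc, nil
	}
	var rejected []string
	if hc.PidMode == "host" {
		rejected = append(rejected, "--pid=host")
	}
	if hc.IpcMode == "host" {
		rejected = append(rejected, "--ipc=host")
	}
	if hc.NetworkMode == "host" {
		rejected = append(rejected, "--network=host")
	}
	for _, c := range hc.CapAdd {
		rejected = append(rejected, "--cap-add="+c)
	}
	for _, so := range hc.SecurityOpt {
		if so != "no-new-privileges" && so != "no-new-privileges=true" {
			rejected = append(rejected, "--security-opt="+so)
		}
	}
	if len(rejected) > 0 {
		return HostConfig{}, errors.New("container.options not allowed without privileged: " + strings.Join(rejected, " "))
	}
	return hc, nil
}

func main() {
	// Constructed sample of what a malicious workflow might put in container.options.
	opts := "--privileged --pid=host --cap-add SYS_ADMIN --security-opt seccomp=unconfined"
	fmt.Printf("vulnerable merge: %+v\n", vulnerableMerge(opts, false))
	if _, err := hardenedMerge(opts, false); err != nil {
		fmt.Println("hardened merge:", err)
	}
}
```

Rejecting rather than stripping is deliberate: a silently stripped option leaves the workflow author unaware that the job ran with a different configuration, while an error surfaces the attempt in the job log where it can be reviewed.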

Affected Systems

Affected systems are installations of Gitea act_runner that use the Docker backend, with act through version 0.262.0. The advisory does not yet identify a fixed release. No other vendors or products are listed.

Risk and Exploitability

The CVSS v4.0 score of 9.4 (v3.1: 9.9) indicates severe risk; the EPSS score is unavailable and the CVE is not in KEV, but neither diminishes its potential for exploitation. The vectors rate it as network-reachable with low privileges (AV:N/PR:L): an attacker needs only an account able to run a workflow on a Docker-backed runner, since the attack is delivered through the workflow definition rather than by local access to the runner host. The resulting escape yields root on that host, so the impact crosses the container's security boundary (S:C) and amounts to full host compromise.

Generated by OpenCVE AI on June 28, 2026 at 03:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Gitea act_runner (and the bundled act) to a release that disallows unsafe merging of container.options once one is published; at the time of writing no fixed version is listed.
  • Until then, have the runner reject or strip options such as --pid=host, --cap-add, and --security-opt (and other host-namespace requests such as --ipc=host and --network=host) from workflow container.options, so that host namespaces and added capabilities are never granted to a non-privileged job container. Verify on the runner host with, for example, docker inspect --format '{{.HostConfig.PidMode}} {{.HostConfig.CapAdd}} {{.HostConfig.SecurityOpt}}' <container> on a running job container; anything other than an empty PidMode and empty CapAdd and SecurityOpt lists means workflow options are reaching HostConfig.
  • Restrict workflow execution rights to trusted users only or disable Docker backends for untrusted workflows.

Generated by OpenCVE AI on June 28, 2026 at 03:22 UTC.

Advisories

No advisories yet.

History

Sun, 28 Jun 2026 02:15:00 +0000

Type / Values Removed / Values Added (every entry below is a value added; nothing was removed)
  • Description: Gitea act_runner with the Docker backend (through act 0.262.0) passes a workflow's container.options string to the Docker job container's HostConfig and, when configured with privileged: false, forces only the Privileged flag off while merging options such as --pid=host, --cap-add, and --security-opt unchanged. A user who can run a workflow on a Docker-backed runner can create a job container with host namespaces and broad capabilities and escape to the host as root despite privileged mode being disabled.
  • Title: Gitea act_runner - Container Hardening Bypass via Workflow Container Options
  • Weaknesses: CWE-269
  • References: (empty)
  • Metrics: cvssV3_1 score 9.9, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H; cvssV4_0 score 9.4, vector CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H


Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-28T01:32:55.648Z

Reserved: 2026-06-28T00:55:25.426Z

Link: CVE-2026-58053

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-28T03:30:05Z

Weaknesses
  • CWE-269: Improper Privilege Management