blob: debaa1d27a10a29bf0c97edc26fe78d55d638b8c [file] [log] [blame]
- module:
- fixed: 20.10.20
summary: Container build can leak any path on the host into the container
description: |-
### Description
Moby is the open source Linux container runtime and set of components used to
build a variety of downstream container runtimes, including Docker CE, Mirantis
Container Runtime (formerly Docker EE), and Docker Desktop. Moby allows for
building container images using a set of build instructions (usually named and
referred to as a "Dockerfile"), and a build context, which is not unlike the CWD
in which the Dockerfile instructions are executed.
Containers may be built using a variety of tools and build backends available in
the Moby ecosystem; in all cases, builds may not include files outside of the
build context (such as using absolute or relative-parent paths). This is
enforced through both checks in the build backends, and the containerization of
the build process itself.
Versions of Git where CVE-2022-39253 is present and exploited by a malicious
repository, when used in combination with Moby, are subject to an unexpected
inclusion of arbitrary filesystem paths in the build context, without any
visible warning to the user.
This issue was originally reported by Wenxiang Qian of Tencent Blade Team, and
the root-cause analysis was performed by Cory Snider of Mirantis, with
assistance from Bjorn Neergaard of the same. The issue was then reported to the
Git project, and Taylor Blau led the process resolving the root issue in Git.
### Impact
This vulnerability originates in Git, but can be used to violate assumptions
that may have security implications for users of Moby and related components.
Users may rely on the fact that a build context ensures that outside files
cannot be referenced or incorporated using multiple enforcement mechanisms, or
expect a warning if this does not hold true. A maliciously crafted Git
repository exploiting CVE-2022-39253 can violate this assumption, and
potentially include sensitive files that are subsequently uploaded to a
container image repository, or disclosed by code inside the resulting container
As this issue cannot be triggered remotely, except by users who already have
full control over the daemon through the API, and it requires exploiting a
vulnerability in Git by convincing a user to build a maliciously crafted
repository, the impact in Moby is considered low.
### Patches
Moby 20.10.20, and Mirantis Container Runtime (formerly Docker Enterprise
Edition) 20.10.14 will contain mitigations for CVE-2022-39253 when a Git clone
is performed by Moby components (on either the daemon or API client side).
However, as these mitigations only apply to certain scenarios (build of
`git+<protocol>://...` URL contexts) and cannot protect against a malicious
repository already on disk, users should update to a version of Git containing
patches for CVE-2022-39253 on all their systems running both API clients and
Specifically, patches in Moby (including patches incorporated from BuildKit)
protect against the following:
* `docker build` with the legacy builder (e.g. `DOCKER_BUILDKIT` unset or set to
0) of a Git URL context. Note that depending on available API versions and the
CLI version, the Git clone operation can take place on either the client or the
daemon side. Both must be updated (or have Git updated) to fully protect this
build method.
* `docker build` with the BuildKit builder (e.g. `DOCKER_BUILDKIT=1`) of a Git
URL context.
* `docker buildx build` with `BUILDKIT_CONTEXT_KEEP_GIT_DIR=1` of a Git URL
Patches in BuildKit incorporated into Docker Compose protect against
CVE-2022-39253 during Compose-driven builds of Git URL contexts.
Patches in Moby and related projects such as BuildKit, the Docker CLI, and
Docker Compose **cannot** fully protect against CVE-2022-39253, as it may be
triggered by a malicious repository already on disk that a unpatched Git client
has interacted with (specifically, commands that check out submodules such as
`git clone --recursive`, `git submodule update`, etc. may have already triggered
the Git vulnerability).
### Workarounds
While this behavior is unexpected and undesirable, and has resulted in this
security advisory, users should keep in mind that building a container entails
arbitrary code execution. Users should not build a repository/build context they
do not trust, as containerization cannot protect against all possible attacks.
When building with BuildKit (e.g. `docker buildx build` or `docker build` with
`DOCKER_BUILDKIT=1`), this issue cannot be exploited unless `--build-arg
BUILDKIT_CONTEXT_KEEP_GIT_DIR=1` was also passed, as by default BuildKit will
discard the `.git` directory of a Git URL context immediately after cloning and
checking out the repository.
### For more information
If you have any questions or comments about this advisory:
* [Open an issue](
* Email us at [](
- GHSA-vp35-85q5-9f25
- web:
- web:
- package:
- web:
- web:
- 'lint: bad version "20.10.20": invalid version: should be v0 or v1, not v20'
- 'lint: redundant non-advisory reference to GHSA-vp35-85q5-9f25'