CVE-2026-33897
Arbitrary Root File Read/Write in Incus Pongo2 Templates
Publication date: 2026-03-26
Last updated on: 2026-03-30
Assigner: GitHub, Inc.
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linuxcontainers | incus | up to 6.23.0 (excluding) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1336 | The product uses a template engine to insert or process externally-influenced input, but it does not neutralize or incorrectly neutralizes special elements or syntax that can be interpreted as template expressions or other code directives when processed by the engine. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Incus, a system container and virtual machine manager, prior to version 6.23.0. Incus renders pongo2 templates inside instances, and those templates are meant to be confined to the instance's own filesystem by a chroot mechanism. pongo2, however, does not honor that chroot at all, so a template can read from and write to any file on the host system with root privileges.
As a result, an attacker who can supply instance template files can perform arbitrary read or write operations on the host server's filesystem, effectively gaining root-level access outside the intended isolated environment.
How can this vulnerability impact me?
This vulnerability can have severe impact: an attacker with access to instance templates gains root-level read and write access to the host server's entire filesystem. This can lead to unauthorized data access, modification, or deletion, loss of system integrity, and potentially full control of the host.
Such access could be exploited to install malware, steal sensitive information, disrupt services, or pivot to other parts of the network.
What immediate steps should I take to mitigate this vulnerability?
The immediate step is to upgrade Incus to version 6.23.0 or later; that release fixes the issue in which pongo2 templates could bypass chroot isolation and obtain arbitrary root read/write access to the host filesystem.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability allows arbitrary read and write access as root on the host server, potentially exposing sensitive data and compromising system integrity.
Such unauthorized access and potential data exposure could lead to non-compliance with data protection standards and regulations like GDPR and HIPAA, which require strict controls over access to sensitive information and system security.