CVE-2026-41568
Race Condition in Docker Engine Allows Filesystem Manipulation

Publication date: 2026-06-12

Last updated on: 2026-06-12

Assigner: GitHub, Inc.

Description
Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version 2.0.0-beta.14, a race condition during docker cp mount setup allows a malicious container to create empty files or directories at arbitrary absolute paths on the host filesystem. This issue has been patched in Docker Engine version 29.5.1 and Moby Daemon version 2.0.0-beta.14.
Meta Information

  • Published: 2026-06-12
  • Last Modified: 2026-06-12
  • Generated: 2026-06-13
  • AI Q&A: 2026-06-12
  • EPSS Evaluated: N/A
  • External trackers: NVD, EUVD
Affected Vendors & Products

Showing 3 associated CPEs (each range is an upper bound, exclusive):

  • docker / docker_engine: up to 29.5.1 (excluding)
  • docker / docker_daemon: up to 28.5.2 (excluding)
  • moby / moby_daemon: up to 2.0.0-beta.14 (excluding)
CWE

  • CWE-367: The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.
  • CWE-81: The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special characters that could be interpreted as web-scripting elements when they are sent to an error page.
Impact Analysis

This vulnerability can be exploited for persistent denial of service against the host system, for example to:

  • Convert critical system files (e.g., /etc/docker/daemon.json) into directories so that the service cannot restart.
  • Create files like /etc/nologin to block user logins.
  • Overwrite system paths with empty files to disrupt services.

Exploitation requires a running container in which a process can rapidly create and swap symlinks at a volume mount destination, combined with an operator running `docker cp` or calling the affected archive API endpoints against that container.

Containers without volume mounts are not affected.

Executive Summary

This vulnerability is a race condition in Docker's `docker cp` command and related archive API endpoints that allows a malicious container to create empty files or directories at arbitrary absolute paths on the host filesystem.

It occurs while the daemon sets up bind-mount volumes: the daemon resolves the mount destination path inside the container's root and then creates the mountpoint. In the window between resolving the path and creating it (a time-of-check to time-of-use race, CWE-367), a process in the container can replace a path component with a symlink that points at a host location.

Because the creation functions follow symlinks in intermediate path components, the file or directory is created outside the container root with the daemon's root privileges, so the container escapes its filesystem boundary.

Detection Guidance

Detection centres on spotting containers that cause empty files or directories to appear at arbitrary absolute paths on the host filesystem.

Since exploitation requires a running container with volume mounts, rapid creation and swapping of symlinks, and use of the `docker cp` command or the related archive API endpoints, detection can focus on:

  • Monitoring usage of the `docker cp` command and API calls to PUT /containers/{id}/archive and HEAD /containers/{id}/archive.
  • Checking for unexpected empty files or directories created at absolute paths on the host, especially critical system paths like /etc/docker/daemon.json or /etc/nologin.
  • Inspecting container volume mount points for symlink swaps or unusual symlink activity.

Suggested commands to help detect suspicious files or directories on the host filesystem include:

  • Find empty files or directories modified in the last 60 minutes (adjust the window; the parentheses are needed so that `-empty` and `-exec` apply to both types): `find / -xdev \( -type f -o -type d \) -empty -mmin -60 -exec ls -ld {} \;`
  • Check for suspicious symlinks in mount paths: `find /path/to/volume/mounts -type l -ls`
  • Audit `docker cp` usage by reviewing shell history or Docker daemon logs for commands or API calls that copy archives into or out of containers.

Mitigation Strategies

Immediate mitigation steps include:

  • Upgrade Docker Engine to version 29.5.1 or later, or Moby Daemon to version 2.0.0-beta.14 or later, where the vulnerability is patched.
  • Avoid running untrusted containers, especially those that have volume mounts.
  • Avoid using the `docker cp` command or the affected archive API endpoints with untrusted containers.
  • Restrict access to the archive API endpoints (PUT /containers/{id}/archive, HEAD /containers/{id}/archive) using authorization plugins or other access control mechanisms.

Compliance Impact

This vulnerability allows a malicious container to create empty files or directories at arbitrary absolute paths on the host filesystem, potentially disrupting critical system files and services. While it impacts system integrity and availability, it does not expose or allow unauthorized read/write access to existing files or data.

Because the vulnerability can lead to denial-of-service conditions by preventing service restarts or blocking logins, it may indirectly affect compliance with standards like GDPR or HIPAA that require maintaining system availability and integrity.

However, since it does not result in unauthorized disclosure or modification of sensitive data, the direct impact on data privacy regulations such as GDPR or HIPAA is limited.

Organizations relying on Docker or Moby should consider this vulnerability in their risk assessments and ensure timely patching to maintain compliance with availability and integrity requirements of common standards.
