CVE-2026-58053

Gitea act_runner Docker Privilege Escalation

Vulnerability report for CVE-2026-58053, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-28

Last updated on: 2026-06-28

Assigner: VulnCheck

Description

Gitea act_runner with the Docker backend (through act 0.262.0) passes a workflow's container.options string to the Docker job container's HostConfig and, when configured with privileged: false, forces only the Privileged flag off while merging options such as --pid=host, --cap-add, and --security-opt unchanged. A user who can run a workflow on a Docker-backed runner can create a job container with host namespaces and broad capabilities and escape to the host as root despite privileged mode being disabled.


Affected Vendors & Products

Vendor   Product      Version / Range
gitea    act_runner   0.262.0
gitea    act_runner   up to and including 0.262.0

Exploitability

CWE-269: The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Executive Summary

CVE-2026-58053 is a vulnerability in Gitea's act_runner when using the Docker backend (through act 0.262.0). It occurs because the workflow's container.options string is passed directly to the Docker job container's HostConfig without proper validation. Even when the runner is configured with privileged mode disabled, only the Privileged flag is turned off, while other dangerous Docker options like --pid=host, --cap-add, and --security-opt remain unchanged.

This allows a user who can run a workflow on a Docker-backed runner to create a job container that has host namespaces and broad Linux capabilities, enabling them to escape the container and gain root access on the host system.

Impact Analysis

An attacker who can run workflows on a vulnerable Docker-backed Gitea act_runner can exploit this vulnerability to escalate privileges and escape to the host system as root.

  • Gain unauthorized root access on the host running the runner.
  • Access sensitive information such as secrets, deployment credentials, or internal build infrastructure.
  • Compromise the integrity and confidentiality of the build environment.

This impact is especially critical in environments where untrusted users can trigger workflows, as it can lead to full host compromise despite privileged mode being disabled.

Detection Guidance

This vulnerability can be detected by verifying whether workflows running on a Docker-backed Gitea act_runner are able to pass dangerous container options such as --pid=host, --ipc=host, --cap-add=ALL, or --security-opt overrides through to job containers despite privileged mode being disabled.

One practical detection method is to create or review workflows that attempt to write marker files on the host filesystem, which would confirm namespace escape and privilege escalation.

To check running containers for dangerous options, inspect each job container's HostConfig with:

  • docker inspect <container_id> | grep -E 'PidMode|CapAdd|SecurityOpt'

Additionally, monitoring workflow definitions for the presence of suspicious container.options strings that include host namespace flags or capability additions can help detect exploitation attempts.

Mitigation Strategies

Immediate mitigation steps include treating workflow-authored container.options as untrusted input and rejecting or allowlisting dangerous Docker options such as --pid=host, --ipc=host, --cap-add=ALL, and --security-opt overrides.

Avoid running untrusted workflows on shared Docker-backed act_runners. Instead, use isolated or single-tenant runners with stronger sandboxing to prevent privilege escalation.

Operators should update or patch the act_runner to versions that properly sanitize or restrict container options passed from workflows.

As a defensive validation, you can use proof-of-concept workflows that attempt to write marker files on the host to confirm whether the vulnerability is present.
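The two defensive checks described above (screening a workflow's container.options string before it reaches HostConfig, and auditing docker inspect output of running job containers) as an added example; this is not act_runner's own code. The flag names are the ones the advisory lists; the tokenising rules, the sample inspect JSON and the function names are assumptions.

```python
"""Defensive checks for CVE-2026-58053 (added example, not act_runner code)."""
import json
import shlex

# Options the advisory names as dangerous when merged into HostConfig
# even though the runner forces Privileged off. Deny-list for brevity;
# an allowlist of known-safe options is the stricter policy.
BLOCKED_FLAGS = {"--pid", "--ipc", "--cap-add", "--security-opt", "--privileged"}


def dangerous_options(options: str) -> list[str]:
    """Return the tokens of a container.options string a runner should reject.
    Handles both '--pid=host' and '--pid host' spellings."""
    toks = shlex.split(options)
    flagged, i = [], 0
    while i < len(toks):
        name, _, value = toks[i].partition("=")
        if name in BLOCKED_FLAGS:
            # boolean flag has no value; others may carry it in the next token
            if not value and name != "--privileged" and i + 1 < len(toks):
                value = toks[i + 1]
                i += 1
            flagged.append(f"{name}={value}" if value else name)
        i += 1
    return flagged


def audit_inspect(inspect_json: str) -> dict[str, list[str]]:
    """Map short container id -> HostConfig findings from `docker inspect` JSON."""
    findings = {}
    for c in json.loads(inspect_json):
        hc = c.get("HostConfig", {})
        hits = []
        if hc.get("PidMode") == "host":
            hits.append("PidMode=host")
        if hc.get("IpcMode") == "host":
            hits.append("IpcMode=host")
        if hc.get("CapAdd"):
            hits.append("CapAdd=" + ",".join(hc["CapAdd"]))
        if hc.get("SecurityOpt"):
            hits.append("SecurityOpt=" + ",".join(hc["SecurityOpt"]))
        if hits:
            findings[c["Id"][:12]] = hits
    return findings


# Constructed sample: one job container with host PID namespace and ALL caps
# but Privileged=false, and one clean container.
SAMPLE_INSPECT = json.dumps([
    {"Id": "a1b2c3d4e5f6a7b8", "HostConfig": {"Privileged": False, "PidMode": "host",
     "IpcMode": "private", "CapAdd": ["ALL"], "SecurityOpt": ["seccomp=unconfined"]}},
    {"Id": "0f0e0d0c0b0a0908", "HostConfig": {"Privileged": False, "PidMode": "",
     "IpcMode": "private", "CapAdd": None, "SecurityOpt": None}},
])
```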

Compliance Impact

This vulnerability allows an attacker who can run workflows on a Docker-backed Gitea act_runner to escalate privileges and escape to the host as root. This can lead to unauthorized access to sensitive data such as secrets, deployment credentials, or internal build infrastructure.

Such unauthorized access and potential data breaches could negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require strict controls over access to sensitive personal and health information.

Therefore, exploitation of this vulnerability could result in violations of data protection requirements, unauthorized data disclosure, and failure to maintain the confidentiality and integrity of regulated data.
