Platform: linux
Component: crun
Fixed in: 1.19.1
CVE-2026-30892 describes a privilege escalation vulnerability discovered in crun, an open-source OCI container runtime. The flaw allows an attacker to execute processes with elevated privileges because the -u or --user option of the crun exec command is parsed incorrectly. The vulnerability affects versions 1.19 up to, but not including, 1.27. A patch is available in version 1.27.
The core of this vulnerability lies in the misinterpretation of the -u or --user flag in crun exec. When a user attempts to specify a UID of '1' using this flag, crun incorrectly interprets it as UID 0 and GID 0 (root). This allows an attacker to bypass intended privilege restrictions and execute commands with root privileges within the container. Successful exploitation could lead to complete container compromise, potentially enabling attackers to access sensitive data, modify container configurations, or even escape the container and impact the host system, depending on container isolation settings. This is particularly concerning in multi-tenant environments where containers share the same host.
CVE-2026-30892 was published on March 25, 2026. Currently, there is no public proof-of-concept (PoC) code available. The EPSS score is pending evaluation, so the likelihood of exploitation is not yet well characterised. It is not currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog. Organizations should monitor security advisories and vulnerability databases for updates.
Exploit Status
EPSS: 0.01% (percentile 2%)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-30892 is to upgrade to crun version 1.27 or later, which contains the fix for the incorrect parsing of the -u flag. If upgrading is not immediately feasible, restrict the use of the -u flag in crun exec to trusted users or processes. Enforce strict container isolation policies to limit the impact of a compromised container. Monitor container execution logs for suspicious activity, in particular commands executed as UID 0. A WAF does not address this vulnerability; enforcing least-privilege principles for container users, however, does reduce the attack surface.
Update crun to version 1.27 or later. This version corrects the incorrect interpretation of the `-u` option in `crun exec`, thereby preventing the privilege escalation. You can download the new version from the official website or through your system's package manager.
CVE-2026-30892 is a vulnerability in crun versions 1.19 through 1.26 that allows an attacker to gain elevated privileges by manipulating the -u flag. Severity is pending evaluation.
You are affected if you are using crun versions 1.19 through 1.26. Check your crun version using crun --version.
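The version check described above, written out as an added example (this script is not part of the advisory or of the crun project): it extracts the version number from the output of `crun --version`, converts it to a sortable key, and tests whether it falls inside the affected range 1.19 <= version < 1.27 stated on this page. The sample output embedded below is constructed so the script runs offline; the assumption that the first output line reads "crun version X.Y.Z" matches current releases but is not guaranteed for every build.

```shell
#!/bin/sh
# Added example, not crun project code: decide whether a crun version string
# is inside the affected range for CVE-2026-30892 (1.19 <= v < 1.27).

# Map "MAJOR.MINOR[.PATCH]" to one integer so versions can be compared with -ge/-lt.
# Non-numeric suffixes (e.g. "-rc1") are dropped; a missing component counts as 0.
version_key() {
  vk_input=$(printf '%s' "$1" | tr -dc '0-9.')
  vk_old_ifs=$IFS
  IFS=.
  set -- $vk_input
  IFS=$vk_old_ifs
  echo $(( ${1:-0} * 1000000 + ${2:-0} * 1000 + ${3:-0} ))
}

# Exit status 0 when VERSION is in [1.19, 1.27), 1 otherwise.
crun_affected() {
  ca_key=$(version_key "$1")
  ca_lo=$(version_key 1.19)
  ca_hi=$(version_key 1.27)
  [ "$ca_key" -ge "$ca_lo" ] && [ "$ca_key" -lt "$ca_hi" ]
}

# Pull the version number out of `crun --version` output.
# Assumption: the first line has the form "crun version X.Y.Z".
crun_version_from_output() {
  printf '%s\n' "$1" | sed -n 's/^crun version \([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# Constructed sample of `crun --version` output (the commit hash is a placeholder).
SAMPLE_OUTPUT="crun version 1.19.1
commit: 0000000000000000000000000000000000000000
spec: 1.0.0
+SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL"

# Report on one version string; returns the same status as crun_affected.
report() {
  if crun_affected "$1"; then
    echo "crun $1: inside the affected range for CVE-2026-30892, upgrade to 1.27 or later"
    return 0
  fi
  echo "crun $1: not in the affected range"
  return 1
}

# Check the constructed sample, then the real binary if one is installed.
report "$(crun_version_from_output "$SAMPLE_OUTPUT")" || true
if command -v crun >/dev/null 2>&1; then
  report "$(crun_version_from_output "$(crun --version 2>/dev/null)")" || true
fi
```

Run it as a normal shell script on each host that ships crun; the `|| true` guards only keep the script's own exit status clean when a non-affected version is reported. Because the key is numeric, the same function also answers the question for pre-release strings such as 1.26.0-rc1 by ignoring the suffix, which is a deliberate choice to err on the side of reporting a candidate build as affected.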
Upgrade to crun version 1.27 or later to resolve the vulnerability. If upgrading isn't possible, restrict the use of the -u flag.
Currently, there are no known active exploits or public proof-of-concept code for CVE-2026-30892.
Refer to the crun project's official website and security advisories for the latest information on CVE-2026-30892.