CVE-2026-41163
Severity: HIGH
bubblewrap vulnerable to privilege escalation in setuid mode via ptrace
Title source: cnaDescription
bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode, then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitrarily use the privileged operations, in particular the "overlay mount" operation, allowing the creation of overlay mounts, which are otherwise not allowed in the setuid version of bubblewrap. This issue has been patched in version 0.11.2.
References (2)
x_refsource_confirm: https://github.com/containers/bubblewrap/security/advisories/GHSA-xq78-7hw4-5jvp
x_refsource_misc: https://github.com/containers/bubblewrap/releases/tag/v0.11.2
Scores
CVSS v4
8.7
EPSS
0.0035
EPSS Percentile
27.1%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-269
Status
published
Products (1)
containers/bubblewrap
>= 0.11.0, < 0.11.2
Published
May 09, 2026
Tracked Since
May 09, 2026