VYPR
← All advisories
Moderate severityNVD Advisory· Published Mar 27, 2023· Updated Feb 24, 2025

CVE-2023-0778

CVE-2023-0778

Description

A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A TOCTOU flaw in Podman allows a malicious user to replace a normal file in a volume with a symlink during export, enabling access to arbitrary host files.

Vulnerability

Overview

CVE-2023-0778 is a Time-of-check Time-of-use (TOCTOU) vulnerability in Podman, a container management tool. The flaw resides in the volume export mechanism: when exporting a container volume, Podman checks the file type of objects within the volume, but a race condition allows a malicious user to replace a regular file with a symlink between the check and the actual use of the file path. This is a classic symlink race or TOCTOU issue [1][3][4].

Exploitation

Scenario

An attacker must have the ability to modify files inside a container volume that is being exported by an administrator or another user. The attack requires local access to the container environment and the ability to time the replacement of a file with a symlink while the export operation is in progress. No special privileges beyond container user access are needed to initiate the race condition [1][4].

Impact

Successful exploitation allows the attacker to trick the export process into following a malicious symlink, thereby reading arbitrary files from the host filesystem. Depending on the permissions of the process performing the export, sensitive system files, credentials, or other confidential data could be exposed to the attacker within the exported volume [1][3].

Mitigation

Red Hat has rated this vulnerability as medium severity. Podman maintainers have addressed the issue in subsequent releases; users should update to the latest patched version of Podman. No workaround was provided beyond ensuring that only trusted users have the ability to create and export container volumes [2][4].

References
  1. cve-details
  2. GitHub - containers/podman: Podman: A tool for managing OCI containers and pods.
  3. NVD - CVE-2023-0778
  4. symlink exchange attack in podman export volume

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/containers/podman/v4Go
< 4.4.24.4.2

Affected products

49

Patches

1
6ca857feb07a

volume,container: chroot to source before exporting content

https://github.com/containers/podmanAditya RFeb 10, 2023via ghsa
commit
2 files changed · +26 3
  • libpod/container_internal.go+2 2 modified
    @@ -34,7 +34,7 @@ import (
 	"github.com/containers/podman/v4/pkg/systemd/notifyproxy"
 	"github.com/containers/podman/v4/pkg/util"
 	"github.com/containers/storage"
-	"github.com/containers/storage/pkg/archive"
+	"github.com/containers/storage/pkg/chrootarchive"
 	"github.com/containers/storage/pkg/idmap"
 	"github.com/containers/storage/pkg/idtools"
 	"github.com/containers/storage/pkg/lockfile"
@@ -761,7 +761,7 @@ func (c *Container) export(out io.Writer) error {
 		}()
 	}
 
-	input, err := archive.Tar(mountPoint, archive.Uncompressed)
+	input, err := chrootarchive.Tar(mountPoint, nil, mountPoint)
 	if err != nil {
 		return fmt.Errorf("reading container directory %q: %w", c.ID(), err)
 	}
  • utils/utils.go+24 1 modified
    @@ -13,6 +13,7 @@ import (
 
 	"github.com/containers/common/pkg/cgroups"
 	"github.com/containers/storage/pkg/archive"
+	"github.com/containers/storage/pkg/chrootarchive"
 	"github.com/godbus/dbus/v5"
 	"github.com/sirupsen/logrus"
 )
@@ -63,7 +64,7 @@ func CreateTarFromSrc(source string, dest string) error {
 		return fmt.Errorf("could not create tarball file '%s': %w", dest, err)
 	}
 	defer file.Close()
-	return TarToFilesystem(source, file)
+	return TarChrootToFilesystem(source, file)
 }
 
 // TarToFilesystem creates a tarball from source and writes to an os.file
@@ -87,6 +88,28 @@ func Tar(source string) (io.ReadCloser, error) {
 	return archive.Tar(source, archive.Uncompressed)
 }
 
+// TarChrootToFilesystem creates a tarball from source and writes to an os.file
+// provided while chrooted to the source.
+func TarChrootToFilesystem(source string, tarball *os.File) error {
+	tb, err := TarWithChroot(source)
+	if err != nil {
+		return err
+	}
+	_, err = io.Copy(tarball, tb)
+	if err != nil {
+		return err
+	}
+	logrus.Debugf("wrote tarball file %s", tarball.Name())
+	return nil
+}
+
+// TarWithChroot creates a tarball from source and returns a readcloser of it
+// while chrooted to the source.
+func TarWithChroot(source string) (io.ReadCloser, error) {
+	logrus.Debugf("creating tarball of %s", source)
+	return chrootarchive.Tar(source, nil, source)
+}
+
 // RemoveScientificNotationFromFloat returns a float without any
 // scientific notation if the number has any.
 // golang does not handle conversion of float64s that have scientific

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

8

News mentions

0

No linked articles in our index yet.