CVE-2026-58053 - Gitea act_runner Docker container options host escape
CVE-2026-58053 + Gitea act_runner Docker container options host escape + Critical + 2026-06-28
One-sentence business risk
A contributor with workflow execution can bypass runner hardening and reach the CI host as root, directly threatening source and release secrets.
Research notes
- Root cause: Gitea act_runner with the Docker backend passes workflow-controlled
container.optionsinto Docker HostConfig while only forcingPrivileged=false, leaving host namespaces, capabilities, and security options available. - Affected versions: Gitea act_runner Docker backend through act 0.262.0 when workflows control container.options.
- Fixed / safe versions: vendor-patched act_runner/act release; deny unsafe container.options immediately.
- Public exploit / PoC signal: public PoC or exploit details are referenced by NVD; use only safe regression tests and do not execute exploit payloads against production.
- CVSS: 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H.
Exact vulnerable code pattern
jobs:
build:
container:
image: alpine
options: --pid=host --cap-add=SYS_ADMIN --security-opt apparmor=unconfined
Fixed / mitigated code pattern
denyContainerOptions(["--pid", "--privileged", "--cap-add", "--security-opt", "--device", "--volume"])
runDockerJob({ privileged: false, pidMode: "container", capDrop: ["ALL"], securityOpt: ["no-new-privileges"] })
Dependency or runtime update:
act_runner --version || true
rg -n "container:|options:|act_runner|GITEA_ACTIONS" .
# upgrade runner and reject unsafe container.options
Step-by-step integration guide
- Inventory
Gitea act_runner / actin source, lockfiles, SBOMs, CI images, containers, deployment manifests, and managed runtimes. - Upgrade or patch to
vendor-patched act_runner/act release; deny unsafe container.options immediately; if no upstream package is available, apply the local guard shown above and track the vendor release as a blocking follow-up. - Replace every vulnerable
container-escapepattern with a fail-closed implementation that validates ownership, bounds, canonical paths, origin/session binding, or parser limits before acting. - Add a regression test that reproduces the advisory shape safely and proves the request is rejected, bounded, or authorized.
- Deploy through canary, monitor auth, file, parser, crash, and CI-runner logs, then remove temporary edge blocks only after all runtimes are fixed.
Alternative mitigations
- Disable the vulnerable feature path, decoder, plugin, runner backend, proxy agent, or route while the patch rolls out.
- Add WAF/reverse-proxy rules for SQL metacharacters, traversal tokens, unsafe Docker flags, oversized/nested payloads, or unexpected session-origin transitions matching this trigger class.
- Restrict egress and access to untrusted artifacts, SSH servers, media uploads, workflow execution, and administrative delegation until fixed versions are verified.
- Rotate credentials and invalidate sessions if logs show the vulnerable path was reachable by untrusted users.
Detection signature
id: cve-2026-58053-gitea-act-runner-docker-container-options-host-e
source: NVD
package_or_product: "Gitea act_runner / act"
affected: "Gitea act_runner Docker backend through act 0.262.0 when workflows control container.options"
fixed: "vendor-patched act_runner/act release; deny unsafe container.options immediately"
cvss: "9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
signals:
- "container-escape"
- "CVE-2026-58053"
- "Gitea act_runner / act"
action: "upgrade, add a regression test, and verify deploy artifact"
Copy-paste skill
You are remediating CVE-2026-58053 (Gitea act_runner Docker container options host escape) in this repository.
Produce a reviewer-ready PR or TRIAGE.md. Inventory Gitea act_runner / act across source, lockfiles, images, CI, deployment manifests, and SBOMs. Apply vendor-patched act_runner/act release; deny unsafe container.options immediately. Replace the vulnerable container-escape pattern with the fail-closed pattern, add a regression test for the advisory trigger, and document owner, rollout, rollback, and validation evidence. Do not run public exploit PoCs against production or expose secrets in logs.
Keywords, affected tech stack, and revenue tags
- Keywords:
CVE-2026-58053,container-escape,Gitea act_runner / act,NVD. - Affected tech stack:
go/docker. - Revenue tags:
sellable_to_fintech,enterprise_blocker,zero_day_gold.