Youki Container Runtime Symbolic Link Vulnerability Leading to Host Filesystem Access
Vulnerability
A vulnerability in Youki, a container runtime written in Rust, allows access to the host root filesystem under certain conditions. Youki versions prior to 0.5.5 are affected. The issue arises when the `/proc` and `/sys` entries in the container's root filesystem are symbolic links rather than real directories. Youki creates the container anyway, skipping the check that these mount targets are real directories inside the rootfs. `runc`, by contrast, detects this condition and refuses to create the container. A container created from such a rootfs can reach the host's root filesystem, which can lead to unauthorized data exposure or modification.
Impact
Exploitation of this vulnerability allows for unauthorized access to the host's root filesystem from within a container, which could lead to data exposure or modification.
Reproduction
To reproduce this vulnerability, prepare a container root filesystem in which `/proc` and `/sys` are symbolic links instead of directories, then create a container from that rootfs with Youki. Youki accepts the rootfs and creates the container, whereas `runc` rejects the same rootfs. Once the container is running, the symlinked paths give access to the host's root filesystem from inside the container.
Remediation
Upgrade to Youki version 0.5.5 or later, where this vulnerability has been patched. Until the upgrade is in place, only run containers from root filesystems you control, and check that `/proc` and `/sys` in the rootfs are real directories rather than symbolic links before handing the bundle to the runtime.
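The check below is an added example and is not Youki's code or its actual fix. It shows the pre-mount validation a runtime should perform on the `/proc` and `/sys` targets of a rootfs: walk the target path one component at a time under the rootfs and refuse any symbolic link instead of resolving it. The names `safe_mount_target` and `build_demo_rootfs` and the throwaway rootfs under the system temp directory are assumptions made for the demonstration; the rootfs it builds, with `sys` pointing at the host root, is constructed input that mirrors the condition described in the reproduction above.

```rust
use std::fs;
use std::io;
use std::os::unix::fs::symlink;
use std::path::{Component, Path, PathBuf};

/// Resolve `target` (for example "/proc") relative to `rootfs` one path
/// component at a time, refusing to follow any symbolic link on the way.
/// Returns the host path that may safely be used as a mount target.
/// Hypothetical helper written for this example, not a youki API.
pub fn safe_mount_target(rootfs: &Path, target: &str) -> io::Result<PathBuf> {
    let rootfs = rootfs.canonicalize()?;
    let mut cur = rootfs.clone();
    for comp in Path::new(target).components() {
        match comp {
            // "/proc" starts with RootDir; it is relative to the rootfs, not the host.
            Component::RootDir | Component::CurDir => {}
            Component::ParentDir => {
                return Err(io::Error::new(
                    io::ErrorKind::InvalidInput,
                    format!("{}: '..' is not allowed in a mount target", target),
                ));
            }
            Component::Prefix(_) => {
                return Err(io::Error::new(io::ErrorKind::InvalidInput, "unexpected path prefix"));
            }
            Component::Normal(name) => {
                cur.push(name);
                // symlink_metadata does not follow links, so a symlink is reported
                // as a symlink rather than as whatever it points to.
                let meta = fs::symlink_metadata(&cur)?;
                if meta.file_type().is_symlink() {
                    return Err(io::Error::new(
                        io::ErrorKind::PermissionDenied,
                        format!("{}: mount target is a symbolic link", cur.display()),
                    ));
                }
                if !meta.is_dir() {
                    return Err(io::Error::new(
                        io::ErrorKind::InvalidInput,
                        format!("{}: mount target is not a directory", cur.display()),
                    ));
                }
            }
        }
    }
    // Defence in depth: nothing above can leave the rootfs, but verify anyway.
    if !cur.starts_with(&rootfs) {
        return Err(io::Error::new(io::ErrorKind::PermissionDenied, "mount target escapes rootfs"));
    }
    Ok(cur)
}

/// Build a throwaway rootfs under the system temp directory (constructed demo
/// input): `proc` is a real directory, `sys` is a symlink to the host root.
pub fn build_demo_rootfs(tag: &str) -> io::Result<PathBuf> {
    let root = std::env::temp_dir()
        .join(format!("symlink-rootfs-demo-{}-{}", std::process::id(), tag));
    if root.exists() {
        fs::remove_dir_all(&root)?;
    }
    fs::create_dir_all(root.join("proc"))?;
    symlink("/", root.join("sys"))?;
    Ok(root)
}

fn main() -> io::Result<()> {
    let rootfs = build_demo_rootfs("main")?;
    for target in ["/proc", "/sys"].iter() {
        match safe_mount_target(&rootfs, target) {
            Ok(p) => println!("{}: ok, mount target {}", target, p.display()),
            Err(e) => println!("{}: refused ({})", target, e),
        }
    }
    // What naive resolution does instead: the link lands on the host root.
    println!(
        "naive resolution of /sys -> {}",
        rootfs.join("sys").canonicalize()?.display()
    );
    fs::remove_dir_all(&rootfs)
}
```

Run it as a normal binary: `/proc` passes, `/sys` is refused, and the final line shows where naive resolution would have placed the mount, namely the host root. The component-by-component walk with `symlink_metadata` is the key design choice; a single `canonicalize` followed by a prefix check would also catch the demo case, but it resolves the link first and so tells you only after the fact where the mount would have gone.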
