bubblewrap setuid mode lets local users ptrace their way to overlay mounts
TL;DR - bubblewrap 0.11.0 and 0.11.1 installed setuid root: a local user can ptrace the unprivileged portion of the sandbox setup phase, take control of it, and reach privileged operations - including overlay mounts that setuid bwrap is supposed to block.
What happened
bubblewrap (bwrap) is a low-level Linux sandboxing utility, often used as the plumbing beneath higher-level container and desktop isolation tooling. CVE-2026-41163 affects versions 0.11.0 and 0.11.1 when installed setuid root.
During sandbox initialisation, bwrap splits work across privileged and unprivileged phases. In the vulnerable versions, an attacker can attach to the process via ptrace during that unprivileged setup window. From there they steer execution into the privileged side - specifically gaining the ability to create overlay mounts, an operation setuid bwrap should not permit unprivileged users to perform.
| Item | Detail |
|---|---|
| Affected component | bubblewrap (bwrap) |
| Affected versions | 0.11.0 and 0.11.1 when installed setuid root |
| Fixed version | 0.11.2 |
| Attack precondition | Local user who can execute and ptrace the setuid bwrap binary |
| Primitive gained | Overlay mount creation via ptrace control of sandbox setup phase |
It is worth noting that setuid installation is not the recommended configuration for bubblewrap. Many modern distributions ship it without setuid root, relying instead on unprivileged user namespaces. The exposure here is real but narrower than it would be on older or deliberately configured systems.
Who is impacted
- Hosts where bubblewrap 0.11.0 or 0.11.1 is installed setuid root.
- Systems that lack unprivileged user namespace support and historically required setuid `bwrap` for compatibility.
- Any environment where an admin manually set the setuid bit on `bwrap`, or where a distribution ships a separate suid package or build variant that enables setuid mode.
What to do now
- Update to bubblewrap 0.11.2 or later. "Fixed: bubblewrap >= 0.11.2"
- Check whether `bwrap` is installed setuid root on any host you manage. A quick `stat $(which bwrap)` or `find / -name bwrap -perm -4000` will tell you; note that `-perm -4000` matches any setuid owner, so confirm the file is owned by root before treating it as exposed.
- Where setuid mode is present only for legacy compatibility, check whether unprivileged user namespaces are now available on the host and, if they are, remove the setuid bit. "The bubblewrap maintainers recommend that it should not be installed setuid root."
- If you cannot patch immediately and must keep setuid `bwrap` running:
  - restrict which users can execute the binary (a dedicated group and mode 4750 is the usual pattern)
  - audit downstream tooling that calls `bwrap` on shared hosts; CI runners, build servers and multi-tenant boxes are the highest-risk surfaces
  - schedule migration off setuid mode as a near-term hardening item
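The checks above can be combined into a single host audit. The script below is an added example, not code from the bubblewrap project or the advisory. It assumes GNU coreutils (`stat -c`, `find -maxdepth`), that `bwrap --version` prints `bubblewrap X.Y.Z`, and that the `/proc/sys/user/max_user_namespaces` and Debian-style `kernel.unprivileged_userns_clone` knobs are a reasonable heuristic for whether unprivileged user namespaces are usable; those assumptions are marked in the comments.

```shell
#!/bin/sh
# Added example (not from the bubblewrap project or the advisory): audit a
# Linux host for the setuid-bwrap exposure described in the text.
# Assumptions: GNU coreutils, and that `bwrap --version` prints
# "bubblewrap X.Y.Z" (the second whitespace-separated field is the version).

# Return 0 if the given version string is one of the affected releases.
# Only 0.11.0 and 0.11.1 are listed as affected; 0.11.2 carries the fix.
bwrap_version_vulnerable() {
    case "$1" in
        0.11.0|0.11.1) return 0 ;;
        *) return 1 ;;
    esac
}

# Return 0 if the file at $1 has the setuid bit set (mode 4xxx), regardless
# of owner. Same -perm test the article suggests, restricted to one path.
is_setuid() {
    [ -n "$(find "$1" -maxdepth 0 -perm -4000 2>/dev/null)" ]
}

# Return 0 if $1 is setuid AND owned by uid 0: the combination that turns
# the ptrace issue into a privilege boundary crossing. (GNU stat -c assumed.)
is_setuid_root() {
    is_setuid "$1" && [ "$(stat -c '%u' "$1" 2>/dev/null)" = "0" ]
}

# Heuristic (assumption): unprivileged user namespaces look usable when the
# namespace limit is non-zero and, on Debian/Ubuntu kernels, the extra
# sysctl gate is open. If this passes, the setuid bit is likely unnecessary.
userns_available() {
    max=$(cat /proc/sys/user/max_user_namespaces 2>/dev/null || echo 0)
    [ "${max:-0}" -gt 0 ] || return 1
    if [ -r /proc/sys/kernel/unprivileged_userns_clone ]; then
        [ "$(cat /proc/sys/kernel/unprivileged_userns_clone)" = "1" ] || return 1
    fi
    return 0
}

# Print a summary for this host. Returns 0 when the host is exposed
# (affected version installed setuid root), 1 otherwise.
audit_bwrap() {
    bin=$(command -v bwrap 2>/dev/null) || { echo "bwrap: not installed"; return 1; }
    ver=$("$bin" --version 2>/dev/null | awk '{print $2}')
    echo "binary:  $bin"
    echo "version: ${ver:-unknown}"
    if is_setuid_root "$bin"; then
        echo "setuid:  root"
    else
        echo "setuid:  no (no privilege boundary in the setup phase)"
    fi
    if userns_available; then
        echo "userns:  unprivileged user namespaces available; 'chmod u-s $bin' is an option"
    else
        echo "userns:  unavailable; setuid may still be needed here"
    fi
    if bwrap_version_vulnerable "$ver" && is_setuid_root "$bin"; then
        echo "VERDICT: EXPOSED - update to 0.11.2 or later, or drop the setuid bit"
        return 0
    fi
    echo "VERDICT: not exposed"
    return 1
}

audit_bwrap || true
```

Run it as any user; the version and mode checks need no privileges. A host is reported exposed only when both conditions hold, because a non-setuid `bwrap` of an affected version has no privileged phase to reach.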
Additional information
- GitHub security advisory (CVE mapping and maintainer notes on setuid deprecation): https://github.com/containers/bubblewrap/security/advisories/GHSA-xq78-7hw4-5jvp
