[08:10:32] recorded source identity at logs/vuln_variant/source_identity_discovery.txt [08:10:32] starting local registry for variant proof (host push endpoint localhost:5001, runner pull endpoint localhost:5000 via socat) [08:10:34] building and pushing digest-variant images 3.10: Pulling from pause Digest: sha256:ee6521f290b2168b6e0935a181d4cff9be1ac3f505666ef0e3c98fae8199917a Status: Image is up to date for registry.k8s.io/pause:3.10 registry.k8s.io/pause:3.10 The push refers to repository [localhost:5001/pause] 61d9e957431b: Pushed 3.10: digest: sha256:7c38f24774e3cbd906d2d33c38354ccf787635581c122965132c9bd309754d4a size: 501 Info -> Not all multiplatform-content is present and only the available single-platform image was pushed sha256:ee6521f290b2168b6e0935a181d4cff9be1ac3f505666ef0e3c98fae8199917a -> sha256:7c38f24774e3cbd906d2d33c38354ccf787635581c122965132c9bd309754d4a DEPRECATED: The legacy builder is deprecated and will be removed in a future release. Install the buildx component to build images with BuildKit: https://docs.docker.com/go/buildx/ Sending build context to Docker daemon 2.048kB Step 1/2 : FROM alpine:3.20 ---> d9e853e87e55 Step 2/2 : CMD ["/bin/sh", "-c", "echo PRUVA_DIGEST_VARIANT_CODE_EXEC uid=$(id -u) gid=$(id -g) image=attacker-digest; sleep 1"] ---> Using cache ---> 6015e02e94c8 Successfully built 6015e02e94c8 Successfully tagged localhost:5001/attacker-digest:latest The push refers to repository [localhost:5001/attacker-digest] 25f1d6b1951a: Pushed latest: digest: sha256:6015e02e94c8a0760f2ec65a62684d1ee6fb84925e68386f83e912ef8f9431af size: 530 DEPRECATED: The legacy builder is deprecated and will be removed in a future release. Install the buildx component to build images with BuildKit: https://docs.docker.com/go/buildx/ Sending build context to Docker daemon 2.048kB Step 1/2 : FROM alpine:3.20 ---> d9e853e87e55 Step 2/2 : CMD ["/bin/sh", "-c", "echo LEGITIMATE_DIGEST_VARIANT_VICTIM_SHOULD_NOT_RUN; sleep 1"] ---> Using cache ---> 0214757c831f Successfully built 0214757c831f Successfully tagged localhost:5001/victim-digest:stable The push refers to repository [localhost:5001/victim-digest] 25f1d6b1951a: Pushed stable: digest: sha256:0214757c831f8b466e7199d1059217cabeed1a4c352445b4772cc11bfe62b211 size: 530 [08:10:35] preparing containerd/runc/crictl binaries [08:10:35] building pruva-variant-ctrd:v222-digest for containerd 2.2.2 DEPRECATED: The legacy builder is deprecated and will be removed in a future release. Install the buildx component to build images with BuildKit: https://docs.docker.com/go/buildx/ Sending build context to Docker daemon 134.6MB Step 1/15 : FROM ubuntu:22.04 ---> 0e0a0fc6d18f Step 2/15 : ENV DEBIAN_FRONTEND=noninteractive ---> Using cache ---> dd6506bffc2e Step 3/15 : RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates curl wget jq iptables iproute2 procps socat tar gzip findutils libseccomp2 criu && rm -rf /var/lib/apt/lists/* ---> Using cache ---> 5a7a95738d24 Step 4/15 : RUN mkdir -p /opt/cni/bin && curl -sL "https://github.com/containernetworking/plugins/releases/download/v1.5.1/cni-plugins-linux-amd64-v1.5.1.tgz" | tar xz -C /opt/cni/bin ---> Using cache ---> c85ce5e12d2f Step 5/15 : RUN mkdir -p /opt/containerd/bin /opt/bin /etc/containerd/certs.d /var/lib/containerd /run/containerd /etc/cni/net.d ---> Using cache ---> 1a8bc1152ea5 Step 6/15 : COPY bin/containerd /opt/containerd/bin/containerd ---> Using cache ---> 60f28262db50 Step 7/15 : COPY bin/containerd-shim-runc-v2 /opt/containerd/bin/containerd-shim-runc-v2 ---> Using cache ---> 5ecbafdbad3c Step 8/15 : COPY bin/ctr /opt/containerd/bin/ctr ---> Using cache ---> 92b94afab694 Step 9/15 : COPY runc.amd64 /opt/bin/runc ---> Using cache ---> a8fd374f3894 Step 10/15 : COPY crictl/crictl /opt/bin/crictl ---> Using cache ---> bec3c452da2e Step 11/15 : RUN chmod +x /opt/containerd/bin/* /opt/bin/runc /opt/bin/crictl && ln -sf /opt/bin/runc /usr/local/bin/runc && ln -sf /opt/containerd/bin/containerd /usr/local/bin/containerd && ln -sf /opt/containerd/bin/containerd-shim-runc-v2 /usr/local/bin/containerd-shim-runc-v2 && ln -sf /opt/containerd/bin/ctr /usr/local/bin/ctr && ln -sf /opt/bin/crictl /usr/local/bin/crictl ---> Using cache ---> 484f2b60f6c5 Step 12/15 : COPY entrypoint.sh /entrypoint.sh ---> Using cache ---> 98d911816d1c Step 13/15 : COPY variant_exploit.sh /variant_exploit.sh ---> Using cache ---> 42547ace63ab Step 14/15 : RUN chmod +x /entrypoint.sh /variant_exploit.sh ---> Using cache ---> ce74e0e4985b Step 15/15 : ENTRYPOINT ["/entrypoint.sh"] ---> Using cache ---> 77b6e4dbd4c5 Successfully built 77b6e4dbd4c5 Successfully tagged pruva-variant-ctrd:v222-digest [08:10:36] building pruva-variant-ctrd:v225-digest-fixed for containerd 2.2.5 DEPRECATED: The legacy builder is deprecated and will be removed in a future release. Install the buildx component to build images with BuildKit: https://docs.docker.com/go/buildx/ Sending build context to Docker daemon 134.7MB Step 1/15 : FROM ubuntu:22.04 ---> 0e0a0fc6d18f Step 2/15 : ENV DEBIAN_FRONTEND=noninteractive ---> Using cache ---> dd6506bffc2e Step 3/15 : RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates curl wget jq iptables iproute2 procps socat tar gzip findutils libseccomp2 criu && rm -rf /var/lib/apt/lists/* ---> Using cache ---> 5a7a95738d24 Step 4/15 : RUN mkdir -p /opt/cni/bin && curl -sL "https://github.com/containernetworking/plugins/releases/download/v1.5.1/cni-plugins-linux-amd64-v1.5.1.tgz" | tar xz -C /opt/cni/bin ---> Using cache ---> c85ce5e12d2f Step 5/15 : RUN mkdir -p /opt/containerd/bin /opt/bin /etc/containerd/certs.d /var/lib/containerd /run/containerd /etc/cni/net.d ---> Using cache ---> 1a8bc1152ea5 Step 6/15 : COPY bin/containerd /opt/containerd/bin/containerd ---> Using cache ---> 5ee2eba3551b Step 7/15 : COPY bin/containerd-shim-runc-v2 /opt/containerd/bin/containerd-shim-runc-v2 ---> Using cache ---> 30a88caad1bc Step 8/15 : COPY bin/ctr /opt/containerd/bin/ctr ---> Using cache ---> 2a82971eab12 Step 9/15 : COPY runc.amd64 /opt/bin/runc ---> Using cache ---> c569a59d16c9 Step 10/15 : COPY crictl/crictl /opt/bin/crictl ---> Using cache ---> f5bcf441851f Step 11/15 : RUN chmod +x /opt/containerd/bin/* /opt/bin/runc /opt/bin/crictl && ln -sf /opt/bin/runc /usr/local/bin/runc && ln -sf /opt/containerd/bin/containerd /usr/local/bin/containerd && ln -sf /opt/containerd/bin/containerd-shim-runc-v2 /usr/local/bin/containerd-shim-runc-v2 && ln -sf /opt/containerd/bin/ctr /usr/local/bin/ctr && ln -sf /opt/bin/crictl /usr/local/bin/crictl ---> Using cache ---> 7fa9df0360fd Step 12/15 : COPY entrypoint.sh /entrypoint.sh ---> Using cache ---> bab11cbdbfa9 Step 13/15 : COPY variant_exploit.sh /variant_exploit.sh ---> Using cache ---> 8f6d68c6a93c Step 14/15 : RUN chmod +x /entrypoint.sh /variant_exploit.sh ---> Using cache ---> 66e3423dc2ff Step 15/15 : ENTRYPOINT ["/entrypoint.sh"] ---> Using cache ---> 26c2a858b2bf Successfully built 26c2a858b2bf Successfully tagged pruva-variant-ctrd:v225-digest-fixed [08:10:36] running vulnerable_v222_digest (vulnerable) [08:10:39] vulnerable_v222_digest result: VULN_DIGEST_TRIGGER_CONFIRMED (exec rc=0) [08:10:39] running fixed_v225_digest (fixed) [08:10:42] fixed_v225_digest result: FIXED_DIGEST_TRIGGER_BLOCKED (exec rc=0) Digest-form rootfsImageRef candidate Vulnerable result: VULN_DIGEST_TRIGGER_CONFIRMED attacker digest ref=localhost:5000/attacker-digest@sha256:6015e02e94c8a0760f2ec65a62684d1ee6fb84925e68386f83e912ef8f9431af POST-CHECKPOINT: attacker digest image entries = 1 POST-CHECKPOINT: poisoned victim digest tag entries = 1 PRUVA_DIGEST_VARIANT_CODE_EXEC uid=0 gid=0 image=attacker-digest VERDICT: VULN_DIGEST_TRIGGER_CONFIRMED - digest-form rootfsImageRef poisoned localhost:5000/victim-digest:stable and executed attacker image code Fixed result: FIXED_DIGEST_TRIGGER_BLOCKED attacker digest ref=localhost:5000/attacker-digest@sha256:6015e02e94c8a0760f2ec65a62684d1ee6fb84925e68386f83e912ef8f9431af POST-CHECKPOINT: attacker digest image entries = 1 POST-CHECKPOINT: poisoned victim digest tag entries = 0 victim CreateContainer failed (expected for fixed runtime when no poisoned tag exists) VERDICT: FIXED_DIGEST_TRIGGER_BLOCKED - fixed runtime pulled/resolved the base image but did not create the arbitrary victim tag [08:10:42] NO BYPASS: digest-form candidate reproduced on vulnerable v2.2.2 but fixed v2.2.5 blocked arbitrary tag creation.