{
  "same_root_cause": true,
  "same_root_cause_confidence": "high",
  "same_surface": true,
  "same_surface_confidence": "high",
  "parent_root_cause": "CRI checkpoint import trusts config.dump RootfsImageRef and RootfsImageName enough to create a local image tag from untrusted checkpoint metadata in vulnerable versions.",
  "candidate_root_cause": "The digest-form candidate changes RootfsImageRef syntax to NAME@DIGEST but still reaches the same vulnerable CRImportCheckpoint retagging sink on v2.2.2.",
  "sink": {
    "file_path": "internal/cri/server/container_checkpoint_linux.go",
    "function": "(*criService).CRImportCheckpoint",
    "vulnerable_operations": [
      "c.client.ImageService().Get(ctx, config.RootfsImageRef)",
      "tagImage.Name = config.RootfsImageName",
      "c.client.ImageService().Create(ctx, tagImage)"
    ]
  },
  "entrypoint_equivalence": {
    "parent": "CRI CreateContainer imports checkpoint archive with tag-form RootfsImageRef",
    "candidate": "CRI CreateContainer imports checkpoint archive with digest-form RootfsImageRef",
    "difference": "Image reference encoding in config.dump; same API surface and same metadata fields"
  },
  "fixed_behavior": "v2.2.5 removes the vulnerable retagging operations, so both parent and digest-form candidate are blocked from creating arbitrary local tags.",
  "evidence": {
    "vulnerable_candidate": "bundle/logs/vuln_variant/vulnerable_v222_digest_variant_evidence.txt",
    "fixed_candidate": "bundle/logs/vuln_variant/fixed_v225_digest_variant_evidence.txt",
    "summary": "bundle/logs/vuln_variant/digest_variant_summary.txt"
  }
}
