{
  "variant_id": "pruva-cve-2026-50195-digest-rootfsimageref-negative",
  "created_at": "2026-07-05T08:10:42Z",
  "variant_summary": "Digest-form config.dump rootfsImageRef (NAME@DIGEST) is an alternate trigger for the same CRI checkpoint tag-poisoning sink on vulnerable containerd v2.2.2, but it is not a bypass because fixed v2.2.5 does not create the attacker-selected rootfsImageName local tag.",
  "relation": "newer_version_sibling",
  "origin_kind": "pruva_variant",
  "repository": "https://github.com/containerd/containerd",
  "submitted_target": {
    "target_kind": "release_binary",
    "version": "2.2.2",
    "commit_sha": "301b2dac98f15c27117da5c8af12118a041a31d9",
    "ref": "v2.2.2",
    "display": "containerd v2.2.2 vulnerable release binary; source tag commit 116b799b27bcb69462e26db2d70c4823211befeb"
  },
  "variant_target": {
    "target_kind": "release_binary",
    "version": "2.2.5",
    "commit_sha": "e53c7c1516c3b2bff98eb76f1f4117477e6f4e66",
    "ref": "v2.2.5",
    "display": "containerd v2.2.5 fixed release binary; source tag commit bafc09e8fb5c3d754f57a77cd0b1fc6b7919834d"
  },
  "same_root_cause_confidence": "high",
  "same_surface_confidence": "high",
  "claimed_surface": "api_remote",
  "validated_surface": "api_remote",
  "required_entrypoint_kind": "api_remote",
  "required_entrypoint_detail": "CRI gRPC CreateContainer checkpoint import where image.image points to a checkpoint tar archive; followed by normal CRI CreateContainer/StartContainer for the attacker-selected victim tag",
  "attacker_controlled_input": "checkpoint archive config.dump rootfsImageRef=localhost:5000/attacker-digest@sha256:6015e02e94c8a0760f2ec65a62684d1ee6fb84925e68386f83e912ef8f9431af and rootfsImageName=localhost:5000/victim-digest:stable",
  "trigger_path": "internal/cri/server/container_create.go detects checkpoint image/file -> internal/cri/server/container_checkpoint_linux.go CRImportCheckpoint reads config.dump -> vulnerable v2.2.2 creates local victim tag -> later victim StartContainer executes attacker image; fixed v2.2.5 blocks tag creation",
  "observed_impact_class": "code_execution_on_vulnerable_only",
  "exploitability_confidence": "high_on_vulnerable_versions",
  "evidence_scope": "production_path",
  "runtime_manifest_present": true,
  "end_to_end_target_reached": true,
  "inferred": false,
  "claim_block_reason": "fixed_version_blocks_candidate",
  "blocking_mitigation": "v2.2.5 removes CRImportCheckpoint ImageService().Create retagging from untrusted RootfsImageName, covering tag-form and digest-form RootfsImageRef inputs.",
  "file_path": "internal/cri/server/container_checkpoint_linux.go",
  "line_start": 313,
  "line_end": 345,
  "secondary_anchors": [
    {
      "file_path": "internal/cri/server/container_create.go",
      "line_start": 136,
      "line_end": 154
    },
    {
      "file_path": "internal/cri/server/container_checkpoint_linux.go",
      "line_start": 331,
      "line_end": 365
    }
  ],
  "review_scope_paths": [
    "internal/cri/server/container_checkpoint_linux.go",
    "internal/cri/server/container_create.go",
    "internal/cri/server/container_start.go",
    "vendor/github.com/checkpoint-restore/checkpointctl/lib/metadata.go",
    "README.md",
    "RELEASES.md"
  ],
  "artifact_refs": {
    "variant_manifest": "bundle/vuln_variant/variant_manifest.json",
    "validation_verdict": "bundle/vuln_variant/validation_verdict.json",
    "runtime_manifest": "bundle/vuln_variant/runtime_manifest.json",
    "repro_log": "bundle/logs/vuln_variant/reproduction_steps.log",
    "root_cause_equivalence": "bundle/vuln_variant/root_cause_equivalence.json",
    "reproducer": [
      "bundle/vuln_variant/reproduction_steps.sh"
    ],
    "summary": "bundle/logs/vuln_variant/digest_variant_summary.txt",
    "vulnerable_evidence": "bundle/logs/vuln_variant/vulnerable_v222_digest_variant_evidence.txt",
    "fixed_evidence": "bundle/logs/vuln_variant/fixed_v225_digest_variant_evidence.txt",
    "patch_analysis": "bundle/vuln_variant/patch_analysis.md",
    "source_identity_discovery": "bundle/logs/vuln_variant/source_identity_discovery.txt"
  }
}
