The Rust Runtime That Blinked: Breaking Out of Youki via Symlinks

Amit Schendel

Senior Security Researcher

Jan 1, 2026·6 min read·5 visits

PoC Available

Executive Summary (TL;DR)

The 'youki' container runtime failed to validate destination paths when mounting /proc and /sys. A malicious image containing symlinks at these locations can trick the runtime into writing mounts to the host filesystem, leading to container escape.

While Rust guarantees memory safety, it cannot protect developers from logic errors. A critical vulnerability in the 'youki' container runtime allows malicious container images to trick the runtime into mounting sensitive pseudo-filesystems onto the host machine via symbolic links, effectively bypassing container isolation.

Attack Flow Diagram

Official Patches

youkiOfficial Release v0.5.5

Fix Analysis (1)

Technical Appendix

CVSS Score

7.0/ 10

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

0.03%

Top 100% most exploited

Affected Systems

youki container runtime < 0.5.5

Affected Versions Detail

Product	Affected Versions	Fixed Version
youki youki-dev	< 0.5.5	0.5.5

Attribute	Detail
CWE	CWE-61 (Symlink Following)
CVSS	7.0 (High)
Attack Vector	Local (via Malicious Image)
Privileges	Low (Container User)
Impact	Container Escape / Host FS Access
Patch	youki v0.5.5

MITRE ATT&CK Mapping

T1611Escape to Host

Privilege Escalation

T1222File and Directory Permissions Modification

Defense Evasion

CWE-61

Unix Symbolic Link (Symlink) Following

The software does not properly verify that a path is a symbolic link before writing to it, allowing for file manipulation outside the intended directory.

Known Exploits & Detection

Research AnalysisStandard container image symlink exploitation technique (similar to runc CVE-2023-27561)

Vulnerability Timeline

Patch Committed (v0.5.5)

2025-01-15

CVE Published

2025-01-20