GHSA-mxr3-8whj-j74r
First published: Tue Apr 22 2025(Updated: )
### Summary Harden-Runner includes a policy option `disable-sudo` to prevent the GitHub Actions runner user from using sudo. This is implemented by removing the runner user from the sudoers file. However, this control can be bypassed as the runner user, being part of the docker group, can interact with the Docker daemon to launch privileged containers or access the host filesystem. This allows the attacker to regain root access or restore the sudoers file, effectively bypassing the restriction. For an attacker to bypass this control, they would first need the ability to run their malicious code (e.g., by a supply chain attack similar to tj-actions or exploiting a Pwn Request vulnerability)) on the runner. This vulnerability has been fixed in Harden-Runner version `v2.12.0`. ### Impact An attacker with the ability to run their malicious code on a runner configured with `disable-sudo: true` can escalate privileges to root using Docker, defeating the intended security control. ### Affected Configuration • Harden-Runner configurations that use `disable-sudo: true` on GitHub-hosted runners or on ephemeral self-hosted VM-based runners. • This issue does not apply to Kubernetes-based Actions Runner Controller (ARC) Harden-Runner. ### Mitigation / Fix This vulnerability has been fixed in Harden-Runner version `v2.12.0`. Users should migrate to the stronger `disable-sudo-and-containers` policy. This setting: • Disables sudo access, • Removes access to dockerd and containerd sockets, • Uninstalls Docker from the runner entirely, preventing container-based privilege escalation paths. ### Additional Improvements • The `disable-sudo` option will be deprecated in the future, as it does not sufficiently restrict privilege escalation on its own. • Harden-Runner now includes detections to alert on attempts to evade the `disable-sudo` policy. ### Credits Reported by @loresuso and @darryk10. We would like to thank them for collaborating with us to mitigate the vulnerability.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| actions/step-security/harden-runner | >=0.12.0<2.12.0 | 2.12.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/step-security/harden-runner/security/advisories/GHSA-mxr3-8whj-j74r
- https://nvd.nist.gov/vuln/detail/CVE-2025-32955
- https://github.com/step-security/harden-runner/commit/0634a2670c59f64b4a01f0f96f84700a4088b9f0
- https://github.com/step-security/harden-runner/releases/tag/v2.12.0
- https://github.com/advisories/GHSA-mxr3-8whj-j74r (Advisory)
Frequently Asked Questions
What is the severity of GHSA-mxr3-8whj-j74r?
The severity of GHSA-mxr3-8whj-j74r is considered high due to the ability to bypass the `disable-sudo` policy.
How do I fix GHSA-mxr3-8whj-j74r?
To fix GHSA-mxr3-8whj-j74r, update the step-security/harden-runner package to version 2.12.0 or later.
What causes the vulnerability GHSA-mxr3-8whj-j74r?
The vulnerability GHSA-mxr3-8whj-j74r is caused by the runner user being part of the docker group, allowing sudo to be potentially bypassed.
Is GHSA-mxr3-8whj-j74r related to GitHub Actions?
Yes, GHSA-mxr3-8whj-j74r specifically affects the GitHub Actions runner and its configuration.
Who is affected by GHSA-mxr3-8whj-j74r?
Users of the step-security/harden-runner package versions from 0.12.0 to 2.12.0 are affected by GHSA-mxr3-8whj-j74r.
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-mxr3-8whj-j74r
- alias/CVE-2025-32955
- agent/software-canonical-lookup
- agent/weakness
- agent/last-modified-date
- agent/source
- agent/references
- agent/severity
- agent/description
- agent/tags
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/event
- package-manager/actions