Protect.Computer
NEWS

BuildKit patches two high-severity build-context escape flaws (CVE-2026-33747, CVE-2026-33748)

· 1 min read · Malicious byte Data hijack
BuildKit patches two high-severity build-context escape flaws (CVE-2026-33747, CVE-2026-33748)

Photo by protect.computer (custom explainer graphic) on protect.computer

What happened

The BuildKit maintainers released v0.28.1 with fixes for two high-severity security issues:

  • CVE-2026-33747 / GHSA-4c29-8rgm-jvjj: a malicious custom frontend can trigger writes outside the BuildKit state directory.
  • CVE-2026-33748 / GHSA-4vrq-3vrq-g6gg: insufficient validation of Git URL #ref:subdir fragments can allow access to files outside the checked-out repository root.

Both issues affect build boundary trust in CI/CD environments where BuildKit processes untrusted input.

Why this matters

Build systems often run with privileged credentials and access to sensitive files. Boundary-escape bugs in builders can lead to:

  • Exposure of secrets mounted on the same filesystem
  • Unexpected file writes in build infrastructure
  • Supply-chain risk if untrusted build instructions are accepted

If your pipelines use remote contexts, custom frontends, or dynamic syntax configuration, this should be treated as a priority patch.

What defenders should do now

  1. Upgrade BuildKit to v0.28.1 or newer.
  2. Restrict use of custom/untrusted frontends (#syntax / BUILDKIT_SYNTAX) in production CI.
  3. Audit builds that use Git URL fragments with subdir components.
  4. Harden CI workers so build processes cannot access unrelated sensitive host files.
  5. Rotate any secrets that may have been exposed by compromised build jobs.

How to check if you’re affected

Use this quick checklist:

  1. Identify your BuildKit version

    • Run buildctl --version (or check the builder image tag in CI).
    • If version is below 0.28.1, treat as vulnerable.

  2. Check for risky frontend usage (CVE-2026-33747)

    • Search Dockerfiles and build configs for #syntax= pointing to third-party images.
    • Search CI for BUILDKIT_SYNTAX values set from untrusted or dynamic input.

  3. Check for risky Git URL subdir usage (CVE-2026-33748)

    • Review builds that pull context from URLs like https://...git#ref:subdir.
    • Flag workflows where the repository/ref/subdir can be attacker-controlled.

  4. Look for anomalous filesystem activity during builds

    • Investigate unexpected file reads/writes outside normal BuildKit state paths.

  5. Remediate and verify

    • Patch to v0.28.1+, rerun affected pipelines, and confirm no suspicious behavior persists.

Sources

Bottom line

If your org uses BuildKit in CI/CD, patch to 0.28.1+ now and review your frontend/Git-context trust model. These flaws target exactly the boundary assumptions many pipeline designs depend on.

Related reading

News
Trivy GitHub Action tags hijacked in supply-chain breach

Attackers force-pushed malicious updates to most trivy-action tags, putting CI/CD secrets at risk for teams pinning by mutable version tags.

News
AI-generated Slopoly malware deployed in Interlock ransomware attacks

Researchers say a likely AI-generated Slopoly backdoor helped ransomware operators maintain persistence and steal data in Interlock-linked intrusions.

News
AppsFlyer Web SDK hijack exposed websites to crypto-stealing JavaScript

AppsFlyer confirmed unauthorized code was briefly served through its Web SDK, enabling wallet-address replacement attacks in a supply-chain style compromise.

News
England Hockey investigates AiLock ransomware claim

England Hockey says it is investigating after the AiLock ransomware gang claimed to steal 129GB of data.