Highlights
Auth Bypass: 63 prior fixes. Scrutinize any change in this area.
packages/api/internal/handlers/sandbox_create.go: most-fixed (8 issues). Treat as high-risk during review.
78 high-severity fixes in this history; regressions here are high-impact.
Recurring patterns
The bug types that recur here, drawn from past fixes, not open vulnerabilities.
Auth Bypass: External-facing gRPC and auto-resume endpoints historically lacked proper OIDC token verification, team-ownership validation, and permission checks, allowing unauthorized actors to restart or hijack sandbox environments. Ensuring absolute authentication before executing startup loops is vital.
Sandbox Escape: MicroVM environments suffered from sandbox escape risks through network plumbing errors where firewall rules (using iptables/nftables) were applied on host interfaces instead of within proper network namespaces, or were bypassed entirely via insecure configurations.
Denial of Service: The userfaultfd handler loop has repeatedly been a vector for infinite loops, CPU starvation, and panic crashes due to missing slice bounds checks on offset parameters, failure to exit on zero-byte reads, and unhandled retries.