
38 matches found

OSV
added 2026/05/07 2:38 a.m. · 3 views

GHSA-M38G-VWW2-MVGX Talos Linux has a local privilege escalation from untrusted workloads

Summary: A vulnerability in the Linux kernel's algif_aead subsystem (CVE-2026-31431, "copy.fail") allows an unprivileged container workload to corrupt arbitrary file page-cache pages via the AF_ALG crypto interface and splice. On Talos Linux, this vulnerability can be chained into a complete node...

CVSS 7.5 · AI score 6.6 · EPSS 0.02235
Exploits: 225 · References: 6
GithubExploit
added 2026/05/05 1:19 p.m. · 95 views

efci-copyfail-mitigation

Copy Fail exploit mitigation CVE-2026-31431 also known as...

CVSS 7.8 · AI score 6 · EPSS 0.02235
Exploits: 225
GithubExploit
added 2026/05/01 5:1 p.m. · 76 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431: Zero-Reboot Remediation for OpenShift 4 via BP...

CVSS 7.8 · AI score 6.2 · EPSS 0.02235
Exploits: 225
GithubExploit
added 2026/04/30 3:2 p.m. · 77 views

Exploit for CVE-2026-31431

copy-fail-blocker BPF-LSM mitigation for CVE-2026-31431 htt...

CVSS 7.8 · AI score 5.8 · EPSS 0.02235
Exploits: 225
Wolfi
added 2026/03/23 1:48 p.m. · 5 views

GHSA-3M6G-2423-7CP3 vulnerabilities

Vulnerabilities for packages: ruby3.4-fluentd-kubernetes-daemonset, ruby3.2-rails, ruby4.0-fluentd-kubernetes-daemonset, ruby3.2-fluentd-kubernetes-daemonset, ruby3.3-rails, ruby4.0-rails, cinc-auditor, logstash, ruby3.4-rails, ruby, ruby3.3-fluentd-kubernetes-daemonset...

AI score 5.8
Exploits: 0
Chainguard
added 2026/03/23 1:17 p.m. · 4 views

GHSA-3M6G-2423-7CP3 vulnerabilities

Vulnerabilities for packages: ruby4.0-rails, ruby3.3-fluentd-kubernetes-daemonset, cinc-auditor, gitlab-cng, ruby3.4-fluentd-kubernetes-daemonset, ruby3.3-rails, ruby4.0-fluentd-kubernetes-daemonset, logstash, ruby3.2-rails, ruby3.4-rails, ruby, ruby3.2-fluentd-kubernetes-daemonset...

AI score 5.8
Exploits: 0
EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2022-2834

Malicious code in bioql PyPI...

CVSS 8.8 · AI score 8.2 · EPSS 0.00141
Exploits: 0 · References: 7
EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2023-1244

Malicious code in bioql PyPI...

CVSS 6.5 · AI score 6.5 · EPSS 0.00175
Exploits: 1 · References: 3
RedhatCVE
added 2025/05/23 6:5 a.m. · 1 view

CVE-2023-30840

Fluid is an open source Kubernetes-native distributed dataset orchestrator and accelerator for data-intensive applications. Starting in version 0.7.0 and prior to version 0.8.6, if a malicious user gains control of a Kubernetes node running fluid csi pod controlled by the csi-nodeplugin-fluid...

CVSS 7.8 · AI score 7 · EPSS 0.00056
Exploits: 1 · References: 1
RedhatCVE
added 2025/05/23 3:43 a.m. · 7 views

CVE-2023-30512

CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation. This occurs because DaemonSet has cfs-csi-cluster-role and can thus list all secrets, including the admin secret...

CVSS 6.5 · AI score 6.9 · EPSS 0.00175
Exploits: 1 · References: 1
Chainguard
added 2024/09/22 1:15 a.m. · 5 views

CVE-2024-47220 vulnerabilities

Vulnerabilities for packages: ruby3.3-fluentd-kubernetes-daemonset, ruby3.4-fluentd-kubernetes-daemonset, ruby3.2-webrick, ruby3.1-fluentd-kubernetes-daemonset, kube-fluentd-operator, ruby3.2-fluentd-kubernetes-daemonset...

AI score 6.8 · EPSS 0.00108
Exploits: 0
Veracode
added 2024/08/21 5:43 a.m. · 9 views

Improper Privilege Management

github.com/kanisterio/kanister is vulnerable to Improper Privilege Management. The vulnerability is due to the edit ClusterRole having overly permissive permissions, including create, patch, and update verbs for daemonset resources, create verb for serviceaccount/token resources. An attacker can...

CVSS 8.8 · AI score 7.2 · EPSS 0.00089
Exploits: 0 · References: 2 · Affected Software: 1
Cvelist
added 2024/08/20 9:16 p.m. · 14 views

CVE-2024-43403 Kanister has a potential risk which can be leveraged to make a cluster-level privilege escalation

Kanister is a data protection workflow management tool. The kanister has a deployment called default-kanister-operator, which is bound with a ClusterRole called edit via ClusterRoleBinding. The "edit" ClusterRole is one of Kubernetes default-created ClusterRole, and it has the create/patch/update...

CVSS 8.8 · EPSS 0.00089
Exploits: 0 · References: 2
Vulnrichment
added 2024/08/20 9:16 p.m. · 16 views

CVE-2024-43403 Kanister has a potential risk which can be leveraged to make a cluster-level privilege escalation

Kanister is a data protection workflow management tool. The kanister has a deployment called default-kanister-operator, which is bound with a ClusterRole called edit via ClusterRoleBinding. The "edit" ClusterRole is one of Kubernetes default-created ClusterRole, and it has the create/patch/update...

CVSS 8.8 · AI score 6.9 · EPSS 0.00089
Exploits: 0 · References: 2
Positive Technologies
added 2024/08/20 12:0 a.m. · 1 view

PT-2024-30561 · Kanister +1 · Kanister +1

Name of the Vulnerable Software and Affected Versions: Kanister, affected versions not specified. Description: Kanister is a data protection workflow management tool. The kanister has a deployment called default-kanister-operator, which is bound with a ClusterRole called edit via ClusterRoleBinding...

CVSS 8.8 · AI score 6.8 · EPSS 0.00089
Exploits: 0 · References: 20
Chainguard
added 2024/08/01 10:5 p.m. · 6 views

GHSA-R55C-59QM-VJW6 vulnerabilities

Vulnerabilities for packages: ruby3.3-fluentd-kubernetes-daemonset, ruby3.4-fluentd-kubernetes-daemonset, ruby3.2-fluentd-kubernetes-daemonset, ruby3.1-fluentd-kubernetes-daemonset, ruby, kube-fluentd-operator, jruby...

AI score 5.8
Exploits: 0
OSV
added 2024/07/01 11:14 a.m. · 12 views

BIT-CILIUM-PROXY-2022-29178

Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Cilium prior to versions 1.9.16, 1.10.11, and 1.11.15 contains an incorrect default permissions vulnerability. Operating Systems with users belonging to the group ID 100...

CVSS 8.8 · AI score 8.3 · EPSS 0.00141
Exploits: 0 · References: 4
GithubExploit
added 2024/06/11 2:19 p.m. · 271 views

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094 Basic POC to test CVE-2024-3094 vulnerability in...

CVSS 10 · AI score 10 · EPSS 0.85058
Exploits: 38
OSV
added 2024/06/04 9:46 a.m. · 12 views

BIT-HUBBLE-2022-29178

Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Cilium prior to versions 1.9.16, 1.10.11, and 1.11.15 contains an incorrect default permissions vulnerability. Operating Systems with users belonging to the group ID 100...

CVSS 8.8 · AI score 8.3 · EPSS 0.00141
Exploits: 0 · References: 4
Qualys Blog
added 2024/05/16 2:0 p.m. · 34 views

TotalCloud Container Security Best Practices

Qualys Container Security (CS), an integral part of TotalCloud 2.0, provides a comprehensive view of the security posture of containerized applications. Operationalizing a new technology tool in an enterprise often presents its own challenges. This blog seeks to help the operations team familiarize...

AI score 7.1
Exploits: 0