Talos Linux has a local privilege escalation from untrusted workloads

Summary A vulnerability in the Linux kernel's algifaead subsystem CVE-2026-31431, "copy.fail" allows an unprivileged container workload to corrupt arbitrary file page-cache pages via the AFALG crypto interface and splice. On Talos Linux, this vulnerability can be chained into a complete node...

EUVD-2022-6732

Malicious code in bioql PyPI...

CVE-2022-36103

Talos Linux is a Linux distribution built for Kubernetes deployments. Talos worker nodes use a join token to get accepted into the Talos cluster. Due to improper validation of the request while signing a worker node CSR certificate signing request Talos control plane node might issue Talos API...

Talos Linux ships runc vulnerable to the escape to the host attack

Impact Snyk has discovered a vulnerability in all versions of runc =1.1.11, as used by the Docker engine, along with other containerization technologies such as Kubernetes. Exploitation of this issue can result in container escape to the underlying host OS, either through executing a malicious...

GHSA-G5P6-327M-3FXX Talos Linux ships runc vulnerable to the escape to the host attack

Impact Snyk has discovered a vulnerability in all versions of runc =1.1.11, as used by the Docker engine, along with other containerization technologies such as Kubernetes. Exploitation of this issue can result in container escape to the underlying host OS, either through executing a malicious...

The vulnerability of Talos Linux operating system interfaces allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Talos Linux operating systems relates to the improper assignment of permissions for critical resources during the signature verification process. Exploiting this vulnerability can allow an attacker, working remotely, to gain unauthorized access to protected information...

CVE-2022-36103

Talos Linux is a Linux distribution built for Kubernetes deployments. Talos worker nodes use a join token to get accepted into the Talos cluster. Due to improper validation of the request while signing a worker node CSR certificate signing request Talos control plane node might issue Talos API...

CVE-2022-36103

CVE-2022-36103 affects Talos Linux (Kubernetes-focused distro). The vulnerability arises from improper validation when signing a worker node CSR, potentially allowing a control plane node to issue a Talos API certificate with full access to the Talos API. The Talos API join token is stored in wor...

CVE-2022-36103 Talos worker join token can be used to get elevated access level to the Talos API

Talos Linux is a Linux distribution built for Kubernetes deployments. Talos worker nodes use a join token to get accepted into the Talos cluster. Due to improper validation of the request while signing a worker node CSR certificate signing request Talos control plane node might issue Talos API...

Talos Linux 安全漏洞

Talos Linux is Sidero Labs' modern Linux distribution built for Kubernetes. Talos Linux suffers from a security vulnerability that stems from incorrect validation of a request when signing a CSR Certificate Signing Request for a worker node, resulting in full access to the Talos API on a control...