https://clement.n8r.ch/en/tags/talos/ Recent content in Talos on n8r | Clément Hugo -- 0.147.7 en-US Fri, 01 May 2026 10:00:00 +0200 https://clement.n8r.ch/en/articles/copyfail-cve-2026-31431-kubernetes-escape/ Fri, 01 May 2026 10:00:00 +0200 https://clement.n8r.ch/en/articles/copyfail-cve-2026-31431-kubernetes-escape/ <blockquote> <p>This article covers two complementary paths: the CNI wrapper staging chain, and the fully autonomous operator-SA compromise that eliminates the external trigger dependency. Both are proven on Talos Linux v1.12.4, Cilium v1.18.x, kernel 6.18.9.</p> <p><strong>Update (May 5th):</strong> code and building blocks on GitHub: <a href="https://github.com/clementnuss/copyfail-cve-exploits">https://github.com/clementnuss/copyfail-cve-exploits</a></p></blockquote> <h2 id="context">Context</h2> <p>I work at <a href="https://www.postfinance.ch">PostFinance</a>, where we run a Kubernetes platform supporting banking workloads. Our production clusters run Debian 12 with kernel 6.1.158+, which happens to be <strong>not vulnerable</strong> to CVE-2026-31431 (more on that at the end).</p>