Thalassa Cloud Thalassa Cloud
Sign in Sign up

CVE-2026-31431 (Copy Fail): patched Kubernetes images on Thalassa Cloud

kubernetes security
2026-05-01
By Thalassa Cloud

CVE-2026-31431, known as Copy Fail, is a Linux kernel local privilege escalation affecting a wide range of kernels from 2017 until distributors ship the fix. On Kubernetes Clusters that may execute potentially malicious workloads (i.g. third party container images), the vulnerability may facilitate container escape scenarios (from a pod to the host). Utilising microVMs or other isolated runtime classes may mitigate impact. Thalassa Cloud Kubernetes images v1.34.7-1 and v1.35.4-1 include kernel module updates that address CVE-2026-31431 by applying the recommended mitigation from Canonical for Ubuntu.

Read article

Latest Posts

CVE-2026-31431 (Copy Fail): patched Kubernetes images on Thalassa Cloud

2026-05-01
CVE-2026-31431, known as Copy Fail, is a Linux kernel local privilege escalation affecting a wide range of kernels from 2017 until distributors ship the fix. On Kubernetes Clusters that may execute potentially malicious workloads (i.g. third party container images), the vulnerability may facilitate container escape scenarios (from a pod to the host). Utilising microVMs or other isolated runtime classes may mitigate impact. Thalassa Cloud Kubernetes images v1.34.7-1 and v1.35.4-1 include kernel module updates that address CVE-2026-31431 by applying the recommended mitigation from Canonical for Ubuntu.

Kubernetes v1.35 Available on Thalassa Kubernetes Service

2026-01-31
We’re announcing two new Kubernetes releases in Thalassa Cloud: v1.35.1-0 and v1.34.3-0. These releases include various patches and upgrades of the container runtime, Kubernetes, Cilium and more. Available Versions v1.35.1-0 release notes. v1.34.3-0 documentation tcloud kubernetes upgrade The tcloud kubernetes versions command lists all available Kubernetes versions in Thalassa Cloud, along with their component versions and release information. Refer to this table to select a version for new deployments or to confirm that runc 1.

Kubernetes v1.34.2-0 and v1.33.6-0: Security Fixes and Component Updates

2025-11-17
We’re announcing two new Kubernetes releases in Thalassa Cloud: v1.34.2-0 and v1.33.6-0. These releases include security fixes that address high-severity vulnerabilities in runc, along with important component updates and stability improvements. Critical Security Fixes Both releases include runc 1.3.3, which fixes three high-severity security vulnerabilities: CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 These vulnerabilities could allow full container breakouts by bypassing runc’s restrictions for writing to arbitrary /proc files. We recommend upgrading your clusters to these versions as soon as possible to mitigate these security risks.

Kubernetes v1.33.4-0 and v1.32.8-0: Security Fixes and Component Updates

2025-08-14
We’re excited to announce the release of two new Kubernetes versions in Thalassa Cloud: v1.33.4-0 and v1.32.8-0. These releases bring security fixes, component updates, and enhanced stability for your Kubernetes workloads. Security Fixes Both releases address a medium security vulnerability: CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference A vulnerability exists in the NodeRestriction admission controller where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource.