All Products
Search
Document Center

Container Service for Kubernetes:Security advisory: CVE-2026-31431

Last Updated:Jun 15, 2026

CVE-2026-31431 is a Linux kernel local privilege escalation vulnerability (CVSS 7.8, High). A low-privilege attacker can use the AF_ALG cryptographic interface with the splice() system call to write four attacker-controlled bytes to any readable file's page cache, tamper with setuid binaries, and gain root privileges. See the CVE-2026-31431 record, the GitHub Security Advisory,.

Scope of impact

CVE-2026-31431 allows a local, unprivileged attacker to write to the page cache, which can lead to local privilege escalation and container escape. The following resources are affected:

Resolution

Follow Solution 1: Change the operating system (recommended) to remediate this vulnerability. Before patched images are released, use Solution 2: Interim mitigation (seccomp policy) to reduce risk.

Solution 1: Change the operating system (recommended)

Node pools

  • New nodes: Create node pools with the patched image versions listed in the following table.

  • Existing nodes: Use the change the operating system feature to update nodes to the latest patched image.

    This fix requires a node reboot. The update process drains the node before rebooting, causing workloads to restart. Assess the impact and perform this update during off-peak hours.

The following table shows the patch status for ACK node pool images.

Important

The information in the following table is current as of 15:00 (UTC+8) on May 8, 2026. See the OS image release notes.

OS type

OS name

Patched version and release status

Public image

Alibaba Cloud Linux 4 LTS 64-bit Container-Optimized

aliyun_4_x64_20G_container_optimized_alibase_20260430.vhd (Released)

Alibaba Cloud Linux 4 LTS 64-bit Container-Optimized for ARM

aliyun_4_arm64_20G_container_optimized_alibase_20260430.vhd (Released)

Alibaba Cloud Linux 3.2104 LTS 64-bit Container-Optimized

aliyun_3_x64_20G_container_optimized_alibase_20260503.vhd (Released)

Alibaba Cloud Linux 3.2104 Container-Optimized for ARM

aliyun_3_arm64_20G_container_optimized_alibase_20260503.vhd (Released)

ContainerOS

lifsea_3_x64_5G_alibase_20260507.qcow2 (Released)

ContainerOS GPU

lifsea_3_x64_10G_alibase_nvidia_570_20260507.qcow2 (Released)

Ubuntu 24.04

To be released

Ubuntu 22.04 ARM

To be released

Custom image

You must update your images based on the official guidance from your Linux OS vendor.

Marketplace image

The fix depends on updates from Linux image providers. Monitor the ECS images on Alibaba Cloud Marketplace for updates.

Hybrid cloud node pools

Assess business risks and upgrade nodes based on your Linux OS vendor's guidance.

Lingjun node pools

This advisory will be updated with impact and resolution details for Lingjun node pools as they become available. Contact the ACK team for questions.

Solution 2: Interim mitigation (seccomp policy)

Solution 1 We recommend that you prioritize Solution 1 to fully remediate this vulnerability. Until patched images are released for your OS, you can apply the following steps as an interim mitigation.

A seccomp policy blocks AF_ALG socket creation, closing the attack vector at the kernel level.

Prerequisites

Before you begin, confirm the following:

  • Your workloads do not depend on the AF_ALG kernel module (used for kernel-space cryptographic acceleration, such as IPsec or libkcapi).

  • No other Localhost-type seccomp profile is configured in the securityContext.seccompProfile field of your workload Pods.

1. Deploy the seccomp DaemonSet

This DaemonSet writes a seccomp policy file to each Linux node in your cluster. After the file is created, apply the policy by referencing it in your workload Pods as described in Step 2.

  1. Save the following YAML manifest as seccomp-block-AF_ALG.yaml.

    The DaemonSet writes seccomp-block-af_alg.json to /var/lib/kubelet/seccomp/profiles/ on all Linux nodes.

    YAML

    apiVersion: apps/v1
    kind: DaemonSet
    metadata:
      name: ack-cve-2026-31431-mitigate
      namespace: kube-system
      labels:
        app: ack-cve-2026-31431-mitigate
    spec:
      selector:
        matchLabels:
          app: ack-cve-2026-31431-mitigate
      template:
        metadata:
          labels:
            app: ack-cve-2026-31431-mitigate
        spec:
          priorityClassName: system-node-critical
          nodeSelector:
            kubernetes.io/os: linux
          tolerations:
            - operator: Exists
          containers:
            - name: mitigate
              image: registry-cn-hangzhou.ack.aliyuncs.com/acs/busybox:1.35
              command:
                - /bin/sh
                - -c
                - |
                  echo "=== CVE-2026-31431 Mitigation ==="
    
                  cat <<EOF > /kubelet-seccomp/seccomp-block-af_alg.json
                  {
                    "defaultAction": "SCMP_ACT_ERRNO",
                    "architectures": [
                      "SCMP_ARCH_X86_64",
                      "SCMP_ARCH_X86",
                      "SCMP_ARCH_X32",
                      "SCMP_ARCH_AARCH64",
                      "SCMP_ARCH_ARM"
                    ],
                    "syscalls": [
                      {
                        "names": ["socket"],
                        "action": "SCMP_ACT_ERRNO",
                        "args": [
                          {
                            "index": 0,
                            "value": 38,
                            "op": "SCMP_CMP_EQ"
                          }
                        ]
                      },
                      {
                        "names": ["socket"],
                        "action": "SCMP_ACT_ALLOW",
                        "args": [
                          {
                            "index": 0,
                            "value": 40,
                            "op": "SCMP_CMP_NE"
                          }
                        ]
                      },
                      {
                        "names": [
                          "accept", "accept4", "access", "adjtimex", "alarm", "bind", "brk",
                          "cachestat", "capget", "capset", "chdir", "chmod", "chown", "chown32",
                          "clock_adjtime", "clock_adjtime64", "clock_getres", "clock_getres_time64",
                          "clock_gettime", "clock_gettime64", "clock_nanosleep", "clock_nanosleep_time64",
                          "close", "close_range", "connect", "copy_file_range", "creat",
                          "dup", "dup2", "dup3",
                          "epoll_create", "epoll_create1", "epoll_ctl", "epoll_ctl_old",
                          "epoll_pwait", "epoll_pwait2", "epoll_wait", "epoll_wait_old",
                          "eventfd", "eventfd2", "execve", "execveat", "exit", "exit_group",
                          "faccessat", "faccessat2", "fadvise64", "fadvise64_64", "fallocate",
                          "fanotify_mark", "fchdir", "fchmod", "fchmodat", "fchmodat2",
                          "fchown", "fchown32", "fchownat", "fcntl", "fcntl64", "fdatasync",
                          "fgetxattr", "flistxattr", "flock", "fork", "fremovexattr", "fsetxattr",
                          "fstat", "fstat64", "fstatat64", "fstatfs", "fstatfs64", "fsync",
                          "ftruncate", "ftruncate64",
                          "futex", "futex_requeue", "futex_time64", "futex_wait", "futex_waitv", "futex_wake",
                          "futimesat", "getcpu", "getcwd", "getdents", "getdents64",
                          "getegid", "getegid32", "geteuid", "geteuid32",
                          "getgid", "getgid32", "getgroups", "getgroups32", "getitimer",
                          "getpeername", "getpgid", "getpgrp", "getpid", "getppid", "getpriority",
                          "getrandom", "getresgid", "getresgid32", "getresuid", "getresuid32",
                          "getrlimit", "get_robust_list", "getrusage", "getsid", "getsockname",
                          "getsockopt", "get_thread_area", "gettid", "gettimeofday",
                          "getuid", "getuid32", "getxattr", "getxattrat",
                          "inotify_add_watch", "inotify_init", "inotify_init1", "inotify_rm_watch",
                          "io_cancel", "ioctl", "io_destroy", "io_getevents",
                          "io_pgetevents", "io_pgetevents_time64", "ioprio_get", "ioprio_set",
                          "io_setup", "io_submit", "ipc", "kill",
                          "landlock_add_rule", "landlock_create_ruleset", "landlock_restrict_self",
                          "lchown", "lchown32", "lgetxattr", "link", "linkat", "listen",
                          "listmount", "listxattr", "listxattrat", "llistxattr", "_llseek",
                          "lremovexattr", "lseek", "lsetxattr",
                          "lsm_get_self_attr", "lsm_list_modules", "lsm_set_self_attr",
                          "lstat", "lstat64", "madvise", "membarrier", "memfd_create", "memfd_secret",
                          "mincore", "mkdir", "mkdirat", "mknod", "mknodat",
                          "mlock", "mlock2", "mlockall", "map_shadow_stack",
                          "mmap", "mmap2", "mprotect",
                          "mq_getsetattr", "mq_notify", "mq_open",
                          "mq_timedreceive", "mq_timedreceive_time64",
                          "mq_timedsend", "mq_timedsend_time64", "mq_unlink",
                          "mremap", "mseal", "msgctl", "msgget", "msgrcv", "msgsnd", "msync",
                          "munlock", "munlockall", "munmap",
                          "name_to_handle_at", "nanosleep", "newfstatat", "_newselect",
                          "open", "openat", "openat2", "pause",
                          "pidfd_open", "pidfd_send_signal", "pipe", "pipe2",
                          "pkey_alloc", "pkey_free", "pkey_mprotect",
                          "poll", "ppoll", "ppoll_time64", "prctl",
                          "pread64", "preadv", "preadv2", "prlimit64",
                          "process_mrelease", "pselect6", "pselect6_time64",
                          "pwrite64", "pwritev", "pwritev2",
                          "read", "readahead", "readlink", "readlinkat", "readv",
                          "recv", "recvfrom", "recvmmsg", "recvmmsg_time64", "recvmsg",
                          "remap_file_pages", "removexattr", "removexattrat",
                          "rename", "renameat", "renameat2", "restart_syscall", "rmdir", "rseq",
                          "rt_sigaction", "rt_sigpending", "rt_sigprocmask", "rt_sigqueueinfo",
                          "rt_sigreturn", "rt_sigsuspend", "rt_sigtimedwait", "rt_sigtimedwait_time64",
                          "rt_tgsigqueueinfo",
                          "sched_getaffinity", "sched_getattr", "sched_getparam",
                          "sched_get_priority_max", "sched_get_priority_min", "sched_getscheduler",
                          "sched_rr_get_interval", "sched_rr_get_interval_time64",
                          "sched_setaffinity", "sched_setattr", "sched_setparam",
                          "sched_setscheduler", "sched_yield", "seccomp", "select",
                          "semctl", "semget", "semop", "semtimedop", "semtimedop_time64",
                          "send", "sendfile", "sendfile64", "sendmmsg", "sendmsg", "sendto",
                          "setfsgid", "setfsgid32", "setfsuid", "setfsuid32",
                          "setgid", "setgid32", "setgroups", "setgroups32", "setitimer", "setpgid",
                          "setpriority", "setregid", "setregid32", "setresgid", "setresgid32",
                          "setresuid", "setresuid32", "setreuid", "setreuid32", "setrlimit",
                          "set_robust_list", "setsid", "setsockopt", "set_thread_area",
                          "set_tid_address", "setuid", "setuid32", "setxattr", "setxattrat",
                          "shmat", "shmctl", "shmdt", "shmget", "shutdown",
                          "sigaltstack", "signalfd", "signalfd4", "sigprocmask", "sigreturn",
                          "socketcall", "socketpair", "splice",
                          "stat", "stat64", "statfs", "statfs64", "statmount", "statx",
                          "symlink", "symlinkat", "sync", "sync_file_range", "syncfs", "sysinfo",
                          "tee", "tgkill", "time",
                          "timer_create", "timer_delete", "timer_getoverrun",
                          "timer_gettime", "timer_gettime64", "timer_settime", "timer_settime64",
                          "timerfd_create", "timerfd_gettime", "timerfd_gettime64",
                          "timerfd_settime", "timerfd_settime64",
                          "times", "tkill", "truncate", "truncate64", "ugetrlimit", "umask",
                          "uname", "unlink", "unlinkat", "uretprobe",
                          "utime", "utimensat", "utimensat_time64", "utimes",
                          "vfork", "vmsplice", "wait4", "waitid", "waitpid", "write", "writev",
                          "bpf", "chroot", "clone3", "fanotify_init", "fsconfig", "fsmount",
                          "fsopen", "fspick", "get_mempolicy", "io_uring_enter", "io_uring_register",
                          "io_uring_setup", "iopl", "ioperm", "kcmp", "keyctl", "add_key",
                          "request_key", "lookup_dcookie", "mbind", "migrate_pages", "mount",
                          "mount_setattr", "move_mount", "umount2", "move_pages", "nfsservctl",
                          "open_tree", "perf_event_open", "pidfd_getfd", "pivot_root",
                          "process_vm_readv", "process_vm_writev", "ptrace", "quotactl",
                          "quotactl_fd", "reboot", "set_mempolicy", "set_mempolicy_home_node",
                          "setdomainname", "sethostname", "setns", "swapon", "swapoff",
                          "syslog", "unshare", "userfaultfd", "vhangup"
                        ],
                        "action": "SCMP_ACT_ALLOW"
                      },
                      {
                        "names": ["personality"],
                        "action": "SCMP_ACT_ALLOW",
                        "args": [{ "index": 0, "value": 0, "op": "SCMP_CMP_EQ" }]
                      },
                      {
                        "names": ["personality"],
                        "action": "SCMP_ACT_ALLOW",
                        "args": [{ "index": 0, "value": 8, "op": "SCMP_CMP_EQ" }]
                      },
                      {
                        "names": ["personality"],
                        "action": "SCMP_ACT_ALLOW",
                        "args": [{ "index": 0, "value": 131072, "op": "SCMP_CMP_EQ" }]
                      },
                      {
                        "names": ["personality"],
                        "action": "SCMP_ACT_ALLOW",
                        "args": [{ "index": 0, "value": 131080, "op": "SCMP_CMP_EQ" }]
                      },
                      {
                        "names": ["personality"],
                        "action": "SCMP_ACT_ALLOW",
                        "args": [{ "index": 0, "value": 4294967295, "op": "SCMP_CMP_EQ" }]
                      },
                      {
                        "names": ["clone"],
                        "action": "SCMP_ACT_ALLOW",
                        "args": [{ "index": 0, "value": 2114060288, "op": "SCMP_CMP_MASKED_EQ", "valueTwo": 0 }]
                      },
                      {
                        "names": ["arch_prctl"],
                        "action": "SCMP_ACT_ALLOW",
                        "args": [{ "index": 0, "value": 4114, "op": "SCMP_CMP_NE" }]
                      }
                    ]
                  }
    
                  EOF
    
                  echo "=== Mitigation complete. Ensure your Pod's securityContext is configured to use this seccomp profile (type: Localhost, localhostProfile: profiles/seccomp-block-af_alg.json). Sleeping to keep the DaemonSet running. ==="
                  sleep infinity
              resources:
                requests:
                  cpu: 10m
                  memory: 16Mi
                limits:
                  memory: 32Mi
              volumeMounts:
                - name: kubelet-seccomp-root
                  mountPath: /kubelet-seccomp
          volumes:
            - name: kubelet-seccomp-root
              hostPath:
                path: /var/lib/kubelet/seccomp/profiles
                type: DirectoryOrCreate
  2. Apply the manifest to deploy the DaemonSet.

    kubectl apply -f seccomp-block-AF_ALG.yaml
  3. After deployment, verify that the policy file is written to each node.

    # Verify that the DaemonSet is ready on all nodes.
    kubectl -n kube-system get daemonset ack-cve-2026-31431-mitigate
    # Check the logs to confirm the policy was written. The output should include "Mitigation complete".
    kubectl -n kube-system logs -l app=ack-cve-2026-31431-mitigate --tail=3

2. Configure a seccomp profile for an application Pod

The policy file is not applied to Pods automatically. Explicitly reference it in the securityContext of each workload Pod.

  1. Configure the seccomp profile.

    In thesecurityContextof your workload Pod, setseccompProfile type toLocalhost and uselocalhostProfileto specify the path relative to the node's seccomp root directory (/var/lib/kubelet/seccomp).

    securityContext:
      seccompProfile:
        type: Localhost
        localhostProfile: profiles/seccomp-block-af_alg.json
  2. After applying the changes, restart your workload Pods.

  3. Monitor the workload Pods to confirm they run correctly:

    • If Pods start successfully, the seccomp profile is active and mitigation is in effect.

    • If Pods fail to start or crash, roll back the changes immediately.