[cfarm-users] Impact of CVE-2026-31431 / copy.fail on cfarm
Baptiste Jonglez
baptiste at bitsofnetworks.org
Fri May 1 23:34:48 CEST 2026
Hello,

As many of you might have guessed already, the recently published
vulnerability CVE-2026-31431 has a high impact on cfarm because all users
have SSH access to shared machines.

We patched the vulnerability as soon as we were made aware of it:

- on April 29th at 21:30 UTC, we deployed the documented workaround
  (module blacklisting) on all Linux machines
- on May 1st at 21:00 UTC, we deployed an additional workaround via kernel
  cmdline on a few machines (Rocky / AlmaLinux), after somebody helpfully
  pointed out that RedHat kernels have a specific config that prevents the
  first workaround from working [3]
- kernel versions have been upgraded where practical (that is, when the OS
  vendor has been providing quick updates)

As far as we know, the vulnerability has not been exploited on cfarm, but
it's hard to be sure. Please report any security-related incident or
suspicion to cfarm-admins @ lists.tetaneutral.net.

As a reminder, as a shared platform, cfarm should not be used to work on
critical/private data or to perform security-sensitive tasks.

More info on the CVE:

[1] https://copy.fail/
[2] https://www.openwall.com/lists/oss-security/2026/04/29/23
[3] https://www.openwall.com/lists/oss-security/2026/04/30/2

Baptiste