Mitigating 'Copy Fail' Vulnerability (CVE-2026-31431) using Advanced Cluster Management Governance Policy

Solution Verified - Updated -

Issue

This article outlines two mitigation strategies for the "Copy Fail" vulnerability (CVE-2026-31431, referenced in RHSB-2026-02 and Red Hat Knowledgebase article 7141931) using a Governance Policy within Red Hat Advanced Cluster Management for Kubernetes (ACM). Below two options are provided to block access to the vulnerable kernel functions can be blocked either through a kernel argument or via a DaemonSet which deploys a small eBPF program blocking access. For more details on mitigations for OpenShift refer to the solution How to Mitigate issue mentioned in CVE-2026-31431 in OpenShift 4.

Environment

  • Red Hat Advanced Cluster Management for Kubernetes (RHACM)
    • 2.11+
  • Red Hat OpenShift Container Platform (RHOCP)
    • 4

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content