diff --git a/disable-algif-aead/README.md b/disable-algif-aead/README.md new file mode 100644 index 0000000..2304fd7 --- /dev/null +++ b/disable-algif-aead/README.md @@ -0,0 +1,37 @@ +# Mitigation Advice for CVE-2026-31431 (Copy Fail) + +This document provides immediate mitigation steps for CVE-2026-31431. While waiting for patched node images to roll out, you can protect your clusters using the following methods. + +## GKE Standard Nodes running Container-Optimized OS (COS) +For GKE Standard nodes running Container-Optimized OS, you can set the `initcall_blacklist=algif_aead_init` kernel parameter on your nodes to disable the impacted functionality. + +You can apply the privileged DaemonSet (`cos-disable-algif-aead.yaml`) provided in this directory to set this kernel parameter. Be mindful that this tool immediately reboots nodes; you can use the `cloud.google.com/gke-algif-aead-disabled` node label to control the application of the DaemonSet. This option will block legitimate usage of this kernel behavior as well as malicious usage. + +**Deployment Instructions:** +1. Label your target nodes to control the rollout: +```bash +kubectl label nodes cloud.google.com/gke-algif-aead-disabled=true +``` +2. Apply the DaemonSet: +```bash +kubectl apply -f cos-disable-algif-aead.yaml +``` + +### ⚠️ Known Limitations +* **Secure Boot:** This mitigation does not work if Secure Boot is enabled. The init container will never finish initializing because Secure Boot prevents changes to the kernel command line boot options. +* **Spot Nodes:** We've received reports that this mitigation is intermittently failing on Spot (Preemptible VM) nodes due to cgroup configuration errors during container initialization, however we have been unable to reproduce this. +* **Node Reboots:** Applying this DaemonSet will immediately reboot the affected nodes. + +## GKE Standard Nodes running Ubuntu +For GKE Standard nodes running Ubuntu, you can blacklist the `algif_aead` module on your nodes (for example, by using a privileged DaemonSet) with the following commands: + +```bash +echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif-aead.conf +rmmod algif_aead 2>/dev/null +``` + +## GKE Autopilot (and Alternative for Standard) +GKE Autopilot does not allow running privileged daemonsets, and therefore must be mitigated by applying a [custom seccomp profile to your workloads to block AF_ALG socket creation](../spo-seccomp-mitigation). This also works as an alternative mitigation method for GKE Standard clusters. + +--- +*Note: We do not recommend relying on containers as a strict security boundary. For stronger isolation, consider using GKE Sandbox, network policies and the guidance found at [https://docs.cloud.google.com/kubernetes-engine/docs/how-to/hardening-your-cluster](https://docs.cloud.google.com/kubernetes-engine/docs/how-to/hardening-your-cluster).* diff --git a/spo-seccomp-mitigation/README.md b/spo-seccomp-mitigation/README.md index 1f49802..acaa860 100644 --- a/spo-seccomp-mitigation/README.md +++ b/spo-seccomp-mitigation/README.md @@ -2,6 +2,8 @@ This directory provides a mitigation for CVE-2026-31431 using the Kubernetes Security Profiles Operator (SPO). It uses a custom `SeccompProfile` that copies containerd's default allowed syscalls but blocks both `AF_VSOCK` and `AF_ALG` (socket family 38). +This is the recommended mitigation for GKE Autopilot clusters and environments where running privileged DaemonSets is not allowed. + ## Instructions **1. Install the Security Profiles Operator (SPO)** @@ -17,7 +19,7 @@ kubectl apply -f seccomp-profile.yaml **3. Enable Binding on the Namespace** For the binding to take effect, you must label the target namespace to permit the Security Profiles Operator to modify pods within it: ```bash -kubectl label ns my-namespace spo.x-k8s.io/enable-binding=true +kubectl label ns spo.x-k8s.io/enable-binding=true ``` **4. Bind the Profile to Containers** @@ -28,3 +30,6 @@ kubectl apply -f profile-binding.yaml **5. Restart Existing Pods** The binding is applied via a mutating webhook during pod creation. Existing pods must be restarted or recreated to pick up the new profile and be protected. + +--- +*Note: We do not recommend relying on containers as a strict security boundary. For stronger isolation, consider using GKE Sandbox.*