Tanzu Security Advisory CVE-2026-341431
Severity: High
CVSSv3 Range: 7.8
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Issue Date: 2026-05-01
Updated on: 2026-05-01
CVE(s):
Synopsis
A local privilege escalation (LPE) vulnerability affecting the Linux kernel was publicly disclosed on April 29, 2026. The vulnerability has been assigned CVE ID CVE-2026-31431 and is referred to as Copy Fail. The affected component is a kernel module that provides hardware-accelerated cryptographic functions: algif_aead. The vulnerability affects all Tanzu Jammy Stemcells releases before 1.1193.
Impact
This is a local vulnerability that only impacts jammy-stemcells and Linux systems. It requires access to a running system and cannot be exploited remotely across a network.
The Tanzu Platform team assessed the Diego cell Garden runtime, as documented in the Container Security in VMware Tanzu Platform white paper and the container security documentation. The team reviewed the Garden overlay file system for cflinuxfs and determined that running VMs are vulnerable to the exploit.
Due to the userspace configuration of the Garden runtime, the inode mapping of the running container is not the same as that of the underlying VM. So while the exploit works in a container, the resulting user is not actually “root” on the VM and does not have access to the VM outside of the container.
Because all running containers share the same file system, it is possible that an application could attack other containers.
The other container segmentation controls outlined in the white paper still apply, so while such an attack is possible, it would still be difficult.
Tanzu Security Risk Reduction
This vulnerability is a Local Privilege Escalation (LPE) in the Linux kernel (crypto: algif_aead). To exploit this vulnerability, an attacker requires local access and low-level privileges (AV:L, PR:L). Within the Tanzu Platform architecture, the primary "entry doors" where unprivileged users can execute arbitrary code are the components responsible for staging and running application containers. This access is extremely limited and controlled through the Tanzu Platform.
Mitigation via Bounded Contexts: Components like cflinuxfs4-release (the application rootfs) and the offline buildpacks see their scores reduced (from 7.8 to 6.6) from a Tanzu risk perspective.
While these are entry doors that execute untrusted code (e.g., during the build/staging phase or as the base filesystem), the CVSS context indicates that within the restricted boundaries of a single container, an Unchanged Scope (MS:U) and Low Confidentiality Impact (MC:L) limit the broader risk if the vulnerability is not chained with a further escape.
Tanzu CVSS v3.1 score:
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C/CR:H/IR:H/AR:X/MAV:L/MAC:L/MPR:L/MUI:N/MS:U/MC:L/MI:X/MA:X
CVSS Base Score: 7.8
Impact Subscore: 5.9
Exploitability Subscore: 1.8
CVSS Temporal Score: 7.2
CVSS Environmental Score: 7.2
Modified Impact Subscore: 5.9
Overall CVSS Score: 7.2
Tanzu Jammy Stemcell Versions Affected
- All versions before 1.1193
Upstream Advisory:
Copy Fail (CVE-2026-31431) is a logic bug in the Linux kernel's authencesn cryptographic template. It lets an unprivileged local user trigger a deterministic, controlled 4-byte write into the page cache of any readable file on the system. A single 732-byte Python script can edit a setuid binary and obtain root on essentially all Linux distributions
Mitigation
Update to stemcell 1.1193
If you need a temporary mitigation until you can upgrade the stemcell, the kernel module algif_aead can be removed by following the steps below, which removes this functionality.
There is a kernel patch expected that will supersede this change in the coming weeks.
The mitigation disables a kernel module that is used for hardware-accelerated cryptography. Applications should gracefully fall back to userspace cryptographic functions, but there is a risk that some do not have this functionality.
Temporary Mitigation
bosh -d <YOUR_DEPLOYMENT_GUID> ssh -c 'echo "install algif_aead /bin/false" > /tmp/disable-algif.conf && sudo su -c "cp /tmp/disable-algif.conf /etc/modprobe.d/disable-algif.conf; rmmod algif_aead || echo Skipping unload module"'
This persists the change through reboots, but a reboot is not necessary because the module is removed in this command.
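A check that can be run on a VM after the temporary mitigation above, confirming both halves of it: the modprobe rule is on disk and the module is no longer loaded. This is an added example, not part of the Tanzu advisory; the function names and status words are illustrative assumptions.

```shell
#!/bin/sh
# Added example: verify the temporary algif_aead mitigation on one VM.
# Paths default to the live system; both can be overridden for offline checks.

# Return 0 if any *.conf in the modprobe directory carries the advisory's
# "install algif_aead /bin/false" rule. Commented-out lines do not count.
algif_rule_present() {
    rule_dir=${1:-/etc/modprobe.d}
    for f in "$rule_dir"/*.conf; do
        [ -f "$f" ] || continue
        if grep -Eq '^[[:space:]]*install[[:space:]]+algif[_-]aead[[:space:]]+/bin/false([[:space:]]|$)' "$f"; then
            return 0
        fi
    done
    return 1
}

# Return 0 if the module is currently loaded according to /proc/modules.
algif_loaded() {
    grep -q '^algif_aead ' "${1:-/proc/modules}" 2>/dev/null
}

# Print one status word; return 0 only when the rule is set AND the module
# is unloaded, which is the state the advisory's command aims for.
algif_mitigation_status() {
    conf_dir=${1:-/etc/modprobe.d}
    mod_list=${2:-/proc/modules}
    if algif_rule_present "$conf_dir"; then rule=yes; else rule=no; fi
    if algif_loaded "$mod_list"; then loaded=yes; else loaded=no; fi
    case "$rule/$loaded" in
        yes/no)  echo "mitigated"; return 0 ;;
        # rmmod failed (for example, module in use): rule only helps after unload
        yes/yes) echo "rule-set-module-still-loaded"; return 1 ;;
        # unloaded now, but nothing stops it from being loaded again
        no/no)   echo "not-persistent"; return 1 ;;
        *)       echo "unmitigated"; return 1 ;;
    esac
}
```

Calling `algif_mitigation_status` with no arguments checks the live `/etc/modprobe.d` and `/proc/modules`. The `rule-set-module-still-loaded` result corresponds to the "Skipping unload module" branch of the command above.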
History
2026-05-01: Initial vulnerability report published.
2026-05-01: Updated with updated temporary mitigation.
Contact
E-mail: [email protected]
VMware Tanzu Security Advisories
https://tanzu.vmware.com/security