This page provides up-to-date information on security vulnerabilities affecting Azure Kubernetes Service (AKS) and its components. This information includes details on:
- Critical Security Advisories - High-impact security vulnerabilities, including zero-day vulnerabilities and other critical CVEs requiring immediate attention, along with mitigation guidance.
- Ongoing Security Investigations - Security issues under review, including CVEs where a patch isn't yet available or further assessment is needed.
- False Positives & Non-Exploitable CVEs - Cases where a reported CVE doesn't impact AKS due to specific configurations, mitigations, or lack of exploitability.
These updates cover security information related to the following AKS components:
- Azure Kubernetes Service (AKS)
- Azure Kubernetes Service Node Image (AKS Node Image)
- Azure Kubernetes Service Addons (AKS add-ons)
AKS-2026-0003 AKS Advisory & Mitigation Guide for CVE-2026-31431 (Copy Fail)
Published Date: May 1, 2026
Description
This bulletin provides an update on a local privilege escalation (LPE) vulnerability that was publicly disclosed on April 29, 2026 affecting the Linux kernel's algif_aead module. This vulnerability has been assigned CVE-2026-31431 and is referred to as "Copy Fail".
- CVSS Score: 7.8 HIGH (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
- Attack Vector: Local — requires code execution on the node (e.g., from a container)
- Affected Component: algif_aead kernel module (hardware-accelerated cryptographic functions)
- Canonical Advisory: https://ubuntu.com/blog/copy-fail-vulnerability-fixes-available
References
Affected Components
Affected Versions
All current AKS Linux nodes are exploitable.
Although algif_aead is not loaded by default on AKS nodes, the Linux kernel's module auto-loading mechanism (request_module) will automatically load it on demand when any process — including unprivileged containers — creates an AF_ALG socket with AEAD type. This means:
- An attacker with code execution in any pod (even non-root) can escalate to root on the node
- No special pod privileges, capabilities, or host access are required
- The exploit has been confirmed working on AKS nodes from a non-root pod (UID 1000)
| OS | Kernel | Module auto-loads? | Exploitable? |
|---|---|---|---|
| Ubuntu 20.04 FIPS | 5.4.0-1160-azure-fips | ✅ Yes | ⚠️ Yes |
| Ubuntu 22.04 | 5.15.0-1102-azure | ✅ Yes | ⚠️ Yes |
| Ubuntu 24.04 | 6.8.0-1052-azure | ✅ Yes | ⚠️ Yes |
| AzureLinux 3.0 | 6.6.130.1-3.azl3 | ✅ Yes | ⚠️ Yes |
- AzureLinux 2.0 (Mariner) and Windows nodes are not affected.
Resolutions
The AKS team is deploying a mitigation that blocks the module from auto-loading via modprobe configuration (install algif_aead /bin/false). This prevents the kernel from loading the vulnerable module even when triggered by an application.
This mitigation is being applied to:
- ✅ New VHDs (baked into VHD image builds for v20260413 and v20260424)
- ✅ New nodes created from patched VHDs will be protected automatically
Monitor the hotfix rollout status in AKS Advisory.
Important: Existing nodes created before the hotfix VHD is available are NOT protected and remain exploitable. We strongly recommend applying the self-service mitigation described in AKS Advisory.
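As an added example (not AKS's own hotfix or self-service script), the shell functions below apply the modprobe override described above and audit a node for it. The directory argument exists so the functions can be exercised against a scratch directory; running it on every node from a privileged DaemonSet with the host's /etc/modprobe.d mounted is an assumed rollout path, not one the advisory prescribes.

```shell
#!/bin/sh
# Added example: apply and audit the "install algif_aead /bin/false" override.
# On a real node the directory is /etc/modprobe.d and the script runs as root
# (e.g. via a privileged DaemonSet with the host path mounted; assumption).

MODULE="algif_aead"

# Write a drop-in that makes modprobe run /bin/false instead of inserting the
# module, so kernel-initiated auto-loading via request_module() fails as well.
block_module() {
  dir="${1:-/etc/modprobe.d}"
  printf 'install %s /bin/false\n' "$MODULE" > "$dir/disable-$MODULE.conf"
}

# Succeed if any *.conf in the directory already carries an install override
# for the module (/bin/true is an equivalent idiom, so accept it too).
is_blocked() {
  dir="${1:-/etc/modprobe.d}"
  grep -Eqs "^[[:space:]]*install[[:space:]]+$MODULE[[:space:]]+/bin/(false|true)" "$dir"/*.conf
}

# Succeed if the module is resident in the running kernel. A module that was
# loaded before the block took effect stays loaded until it is unloaded or
# the node reboots, so the block alone does not clear this condition.
is_loaded() {
  grep -qs "^$MODULE " /proc/modules
}

# One-line audit summary for the node.
audit() {
  dir="${1:-/etc/modprobe.d}"
  if is_blocked "$dir"; then b="blocked"; else b="NOT blocked"; fi
  if is_loaded; then l="loaded"; else l="not loaded"; fi
  printf '%s: %s, %s (kernel %s)\n' "$MODULE" "$b" "$l" "$(uname -r)"
}

# Usage: script.sh apply [dir]   or   script.sh audit [dir]
case "${1:-}" in
  apply) block_module "${2:-/etc/modprobe.d}" && audit "${2:-/etc/modprobe.d}" ;;
  audit) audit "${2:-/etc/modprobe.d}" ;;
esac
```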
AKS-2026-0002 gRPC-Go Authorization Bypass via Missing Leading Slash in :path
Published Date: March 20, 2026
Description
This bulletin provides an update regarding a recently disclosed vulnerability (CVE-2026-33186) in gRPC-Go (google.golang.org/grpc). The gRPC-Go server accepted HTTP/2 requests where the :path pseudo-header omitted the mandatory leading slash (for example, Service/Method instead of /Service/Method). While the server routed these requests to the correct handler, authorization interceptors - including the official grpc/authz package - evaluated the raw, noncanonical path string. As a result, deny rules defined using canonical paths (starting with /) failed to match, allowing requests to bypass the policy if a fallback allow rule was present.
AKS is aware of the vulnerability. However, the specific exploit conditions - path-based role-based access control (RBAC) interceptors with deny rules and an allow-by-default fallback - are not present in AKS managed components. AKS doesn't use the grpc/authz package, and custom interceptors in AKS services use JWT-based authentication that doesn't rely on path-matching deny rules. AKS control plane gRPC services also aren't directly exposed to untrusted clients. As a defense-in-depth measure, AKS is upgrading all internal gRPC-Go dependencies to v1.79.3 or later.
References
Affected Components
Affected Versions
- None
Resolutions
- AKS doesn't use path-based gRPC authorization interceptors susceptible to this bypass. AKS clusters aren't vulnerable to this issue.
- Although AKS isn't affected, gRPC-Go dependencies across all AKS services are being upgraded to v1.79.3 or later as a preventive measure.
- No customer action is required. Customers running their own gRPC-Go services on AKS should review whether they use path-based authorization interceptors (for example, grpc/authz) and upgrade to gRPC-Go v1.79.3 or later if affected.
AKS-2026-0001 TLS 1.2 Handshake Enforcement with Extended Master Secret (EMS) in AKS v1.34
Published Date: March 5, 2026
Description
This bulletin provides an update regarding a change in Go 1.25 to reject TLS 1.2 handshakes without extended master secret (EMS) when FIPS mode is enabled. Starting with AKS v1.34, Kubernetes control plane components are built with Go 1.25 and FIPS-validated cryptographic modules, which enforce EMS for TLS 1.2 connections on FIPS nodes. When FIPS mode is active, TLS 1.2 handshakes that don't include the EMS extension are rejected. This enforcement applies to both TLS clients and servers implemented using the Go standard library. Before Go 1.21, Go TLS clients didn't send the EMS extension by default for TLS 1.2 connections. As a result, applications built with older Go versions (Go <1.21) might fail to establish TLS connections to FIPS-enabled AKS components after upgrading to AKS v1.34. This behavior can affect:
- Client applications communicating with the Kubernetes API server
- Admission webhooks and other webhook servers registered with the kube-apiserver
References
Affected Components
Affected Versions
- AKS v1.34 if your applications are built with Go < 1.21
Resolutions
- Rebuild applications using Go 1.21 or later
- Microsoft strongly recommends upgrading to a currently supported Go version
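The following is an added example, not from the page: a shell helper that flags binaries built with a Go toolchain older than 1.21, which are the candidates for the rebuild recommended above. It assumes the go tool is installed and relies on "go version <binary>", which prints the toolchain a Go executable was built with.

```shell
#!/bin/sh
# Added example: inventory Go binaries built with a toolchain before 1.21.
# Such builds did not send the TLS 1.2 EMS extension by default and are the
# ones to rebuild before an upgrade to FIPS-enabled AKS v1.34 components.

# Succeed if a toolchain string such as "go1.20.5" predates Go 1.21.
# Pre-release strings like "go1.21rc1" count as 1.21 (awk's numeric
# conversion of "21rc1" yields 21).
go_predates_1_21() {
  printf '%s\n' "$1" | awk '{
    v = $0; sub(/^go/, "", v); split(v, p, ".")
    exit !(p[1] + 0 == 1 && p[2] + 0 < 21)
  }'
}

# Print "<path> <goversion>" for every file argument built with Go < 1.21.
# "go version <file>" prints "<file>: go1.20.5" for Go executables; anything
# that does not yield a go<digit> token (non-Go files, devel builds) is skipped.
report_old_go_binaries() {
  for f in "$@"; do
    ver=$(go version "$f" 2>/dev/null | awk '$2 ~ /^go[0-9]/ { print $2 }')
    [ -n "$ver" ] || continue
    if go_predates_1_21 "$ver"; then printf '%s %s\n' "$f" "$ver"; fi
  done
}

# Example usage on an extracted container image filesystem (path is assumed):
#   report_old_go_binaries /tmp/webhook-rootfs/usr/local/bin/*
```

A flagged binary only identifies a toolchain older than 1.21; whether it actually opens TLS 1.2 connections to AKS components still has to be confirmed from the application itself.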
AKS-2025-0013 Portworx Half-Blind SSRF in kube-controller-manager
Published Date: December 1, 2025
Description
This bulletin provides an update regarding a recent vulnerability in the Kubernetes kube-controller-manager when using the in-tree Portworx StorageClass. This issue allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).
The in-tree Portworx StorageClass is disabled by default starting in Kubernetes v1.31 via the CSIMigrationPortworx feature gate. As a result, currently supported versions ≥ v1.32 aren't impacted unless the CSIMigrationPortworx feature gate is manually disabled.
References
Affected Components
Affected Versions
- AKS v1.28-akslts
- AKS v1.29-akslts
- AKS v1.30-akslts
Resolutions
- A security patch is rolled out for the impacted LTS versions.
- No action is required. The patch is automatically applied to your cluster during your configured or default maintenance window.
AKS-2025-0012 Runc CVEs - CVE-2025-31133, CVE-2025-52565, CVE-2025-52881
Published Date: November 7, 2025
Description
This bulletin provides an update regarding the recent vulnerabilities (CVE-2025-31133, CVE-2025-52565, CVE-2025-52881) disclosed in runc.
References
Affected Components
Affected Versions
- Linux node image versions before 202511.07.0
Resolutions
- Newer node image versions are available. Upgrade the Linux node image version to 202511.07.0 or later. You can check the latest node image versions from AKS release notes.
AKS-2025-0011 Malicious NPM Packages used in Supply Chain Attacks
Published Date: October 1, 2025
Description
This bulletin provides an update on Node Package Manager (NPM) packages being compromised. A recent series of NPM supply chain attacks resulted in packages being used to perform malicious activity such as delivering malware or stealing credentials. The vulnerability does not impact Azure Kubernetes Service (AKS), as Node.js is not used in any AKS core or managed components.
References
Affected Components
Affected Versions
- None
Resolutions
- These attacks don't affect AKS, because AKS doesn't use Node.js in any core or managed components. No customer action is required.
AKS-2025-0010 Nodes can delete themselves by adding an OwnerReference
Published Date: August 15, 2025
Description
A security issue exists in the Kubernetes NodeRestriction admission controller that could allow node users to delete their own node object by patching it with an OwnerReference to a cluster-scoped resource. If the referenced resource or the node object is deleted, Kubernetes garbage collection may remove the node object. This issue arises because node users are authorized to perform create and patch operations, but not delete. A compromised node could exploit this issue to recreate its node object with modified taints or labels, potentially influencing pod scheduling and gaining control over workloads.
References
Affected Components
Affected Versions
Resolutions
- A security patch is rolled out in the 20250720 and 20250808 releases. You can check the release status from AKS release tracker.
- No action is required. The patch is automatically applied to your cluster during your configured or default maintenance window.
AKS-2025-009 Important Security Update for Calico Users
Published Date: July 21, 2025
Description
This bulletin provides an update on the security patching model for Calico in Azure Kubernetes Service (AKS). AKS-managed Calico and Tigera Operator are now fully aligned with upstream Calico releases and Tigera Operator releases. This alignment means that AKS no longer independently patches Calico and Tigera operator images and instead mirrors upstream builds directly.
As a result, CVEs affecting Calico and Tigera Operator remain unpatched in AKS until a fix is available upstream. This change ensures consistency with upstream behavior and improves transparency in patch timelines.
References
Affected Components
Affected Versions
- All AKS supported versions using AKS managed Calico
Resolutions
- No immediate action is required. Customers are encouraged to monitor upstream Calico releases and the AKS CVE Status Tracker for updates.
- If this change creates an unreasonable security burden, you may remove Calico by setting network-policy to none.
AKS-2025-008 Nodes can bypass dynamic resource allocation authorization checks
Published Date: June 19, 2025
Description
A security issue exists in Kubernetes related to the DynamicResourceAllocation feature. When enabled, this feature may allow users with pod creation privileges to escalate privileges or access unauthorized resources on the node.
This vulnerability only affects clusters where the DynamicResourceAllocation feature is explicitly enabled.
References
Affected Components
Affected Versions
- None
Resolutions
- AKS doesn't support or enable the DynamicResourceAllocation feature in any supported version. AKS clusters aren't vulnerable to this issue.
- Although AKS isn't affected, the upstream fix is included in the following AKS cluster versions:
  - AKS 1.32.6
  - AKS 1.33.2
- No customer action is required unless you're preparing for future use of this feature. Customers are encouraged to upgrade to the fixed versions once available.
AKS-2025-007 Important Security Update for Kubernetes Nginx Ingress Controller
Published Date: March 24, 2025
Description
Several security vulnerabilities affecting the Kubernetes nginx ingress controller were disclosed on March 24, 2025: CVE-2025-1098 (High), CVE-2025-1974 (Critical), CVE-2025-1097 (High), CVE-2025-24514 (High), and CVE-2025-24513 (Medium).
The CVEs impact ingress-nginx. (If ingress-nginx isn't installed on your cluster, you aren't affected.)
You can check for ingress-nginx by running kubectl get pods --all-namespaces --selector app.kubernetes.io/name=ingress-nginx.
References
Affected Components
Affected Versions
- < v1.11.0
- v1.11.0 - 1.11.4
- v1.12.0
Resolutions
If you're using the Managed NGINX ingress with the application routing add-on on AKS, the patches are being rolled out to all regions with the AKS v2050316 release. No action is required. You can check the release status from AKS release tracker.
If you're running your own Kubernetes NGINX Ingress Controller, review the CVEs and mitigate by updating to the latest patch versions (v1.11.5 and v1.12.1).
AKS-2025-006 GitRepo Volume Inadvertent Local Repository Access
Published Date: March 13, 2025
Description
A security vulnerability was discovered in Kubernetes that could allow a user with create pod permission to exploit gitRepo volumes to access local git repositories belonging to other pods on the same node. This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Because the in-tree gitRepo volume feature is deprecated and doesn't receive security updates from Kubernetes upstream, any cluster still using this feature remains vulnerable.
References
Affected Components
Affected Versions
- All AKS cluster versions
Resolutions
Because the in-tree gitRepo volume feature is deprecated, there's no fix available for the CVE.
To ensure that only allowed volume types can be used, assign the Azure built-in policy definition Kubernetes cluster pods should only use allowed volume types in enforce mode to your AKS clusters; it blocks deployments that use gitRepo volumes. You can view the allowed volume types here. For detailed steps on how to enable Azure Policy on your AKS cluster, review Secure your Azure Kubernetes Service (AKS) clusters with Azure Policy.
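As an added example (not part of the page), the shell snippet below lists the pods that currently mount gitRepo volumes, so they can be migrated before the policy starts blocking them. It assumes kubectl access to the cluster; the sample output used to exercise the filter is constructed.

```shell
#!/bin/sh
# Added example: find pods using the deprecated in-tree gitRepo volume.

# jsonpath query (executed by kubectl): one line per pod, namespace/name,
# a tab, then the gitRepo repository of every volume followed by a comma.
# Volumes of other types contribute an empty entry, so pods with no gitRepo
# volume end up with a second column made only of commas (or empty).
JSONPATH='{range .items[*]}{.metadata.namespace}/{.metadata.name}{"\t"}{range .spec.volumes[*]}{.gitRepo.repository}{","}{end}{"\n"}{end}'

# Keep only pods whose second column holds something besides commas, and
# print "<namespace>/<name><tab><repo[,repo...]>" with the padding removed.
filter_gitrepo() {
  awk -F'\t' '{
    s = $2
    gsub(/^,+|,+$/, "", s)   # strip leading/trailing commas
    gsub(/,,+/, ",", s)      # collapse runs left by non-gitRepo volumes
    if (s != "") print $1 "\t" s
  }'
}

# Live query against the current kubectl context.
find_gitrepo_pods() {
  kubectl get pods --all-namespaces -o jsonpath="$JSONPATH" | filter_gitrepo
}

# Constructed sample of the jsonpath output: a pod with no volumes, a pod
# with one emptyDir, and a pod that clones a repository via gitRepo.
SAMPLE=$(printf 'default/web-0\t\nkube-system/cache-1\t,\nci/builder-2\t,https://example.invalid/tools.git,\n')
```

Run find_gitrepo_pods against a cluster; any line it prints is a workload to move off gitRepo (for example to an init container that clones into an emptyDir) before enabling the policy in enforce mode.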
AKS-2025-005 Important Security Update for Calico v3.26 Users
Published Date: March 24, 2025
Description
Multiple security issues exist in Calico version 3.26, which is now end of life and no longer receives security fixes. If you're using Calico version 3.26 on AKS Cluster version 1.29.x or earlier, you no longer receive security patches for Calico.
References
Affected Components
Affected Versions
- AKS version 1.29 and earlier
Resolutions
Upgrade the AKS cluster version to 1.30 or later, which uses Calico version 3.28.
AKS-2025-004 Issue in ancillary function driver for WinSock in Windows
Published Date: February 11, 2025
Description
A security issue was discovered in the ancillary function driver for WinSock in Windows. This vulnerability allows attackers to exploit network communication flaws, potentially leading to elevation of privilege.
References
Affected Components
Affected Versions
- Windows version 17763.6775.250117
- Windows version 20348.3091.250117
- Windows version 25398.1369.250117
Resolutions
Upgrade Windows node image version to:
- Windows version 17763.6775.250214
- Windows version 20348.3091.250214
- Windows version 25398.1369.250214
- or later
AKS-2025-003 Elevation of Privilege in Windows Storage
Published Date: February 11, 2025
Description
A security issue was discovered in Windows Storage that allows attackers with low-level access to exploit system flaws and gain higher privileges. This vulnerability can potentially lead to the execution of arbitrary code or access to sensitive data.
References
Affected Components
Affected Versions
- Windows version 17763.6775.250117
- Windows version 20348.3091.250117
- Windows version 25398.1369.250117
Resolutions
Upgrade Windows node image version to:
- Windows version 17763.6775.250214
- Windows version 20348.3091.250214
- Windows version 25398.1369.250214
- or later
AKS-2025-002 NTLM Hash Disclosure Spoofing
Published Date: February 11, 2025
Description
A security issue was discovered that exposes Windows users' NTLM hashes. This type of vulnerability can lead to pass-the-hash attacks, where a remote attacker captures and later uses a hash to impersonate a user without needing the plain-text password.
References
Affected Components
Affected Versions
- Windows version 17763.6775.250117
- Windows version 20348.3091.250117
- Windows version 25398.1369.250117
Resolutions
Upgrade Windows node image version to:
- Windows version 17763.6775.250214
- Windows version 20348.3091.250214
- Windows version 25398.1369.250214
- or later
AKS-2025-001 ServerConfig.PublicKeyCallback Issue in golang/crypto
Published Date: December 11, 2024
Description
A security issue was discovered in the ServerConfig.PublicKeyCallback callback, which may be susceptible to an authorization bypass. This vulnerability arises when applications and libraries misuse the connection.serverAuthenticate method. Specifically, the SSH protocol allows clients to inquire about whether a public key is acceptable before proving control of the corresponding private key. This issue can lead to incorrect authorization decisions based on keys that the attacker doesn't actually control.
AKS is aware of the vulnerability. However, this CVE isn't exploitable in Kubernetes. The vulnerability only affects users of the PublicKeyCallback API. Since Kubernetes doesn't use this API, and the only use of the entire package is within a test suite, the golang.org/x/crypto dependency in Kubernetes isn't vulnerable. The vulnerability is patched in the upcoming Kubernetes release 1.33.
References
Affected Components
Affected Versions
- AKS version 1.32 and earlier
Resolutions
A fix will be available in AKS cluster version 1.33.
Next Steps
- Get updates about the CVE mitigation status with CVE Status.
- Get updates about the latest node images with AKS release notes.
- Learn how to upgrade the AKS node image with Upgrade Azure Kubernetes Service (AKS) node images.
- Learn how to automatically upgrade node images with Automatically upgrade node images.
- Learn how to upgrade the Kubernetes version with Upgrade an AKS cluster.
- Learn how to safely upgrade to a consistent node image across multiple clusters with Azure Kubernetes Fleet Manager.