Dear de.NBI Cloud Tübingen users,
following up on the "[de.NBI Cloud Tuebingen Production] Security Warning - Copy Fail Vulnerability" mail last Thursday, we want to announce a maintenance today at 1PM CEST. Your Virtual Machines (VMs) will not be reachable for a short amount of time, but they will still continue working.
We are also preparing a more extensive patch and updates on all our system by the end of this week or the next week. This maintenance may shutdown your VMs, so they need to be restarted afterwards. We will announce it in a separate future mail, so you can prepare for it by finishing and saving any calculations in time.
Regarding the fix on your VMs themselves, we recommend following patches, depending on your VMs' Operating Systems:
AlmaLinux: https://almalinux.org/blog/2026-05-01-cve-2026-31431-copy-fail/
Ubuntu: https://ubuntu.com/blog/copy-fail-vulnerability-fixes-available
We still recommend checking the following steps from the last mail afterwards:
- check for signs of compromise:
- are there any public keys you dont know about
- do the setuid binaries have the correct checksum
- are the additional setuid binaries on the system
- was the sudoers config altered
- were the group memberships altered
- are there unknown processes or services
- if so notify us
- on multi-users or container systems: rotate/disable all of your potentially compromised private keys and passwords.
More details on the vulnerability (CVE-2026-31431) can be found here: https://copy.fail/
If you have questions contact us via denbi@zdv.uni-tuebingen.de. As for now we wish you a good start into the week!
On behalf of the de.NBI Cloud Tübingen team,
Fabian Paz