®
®
The Linux Kernel Local Privilege Escalation Vulnerability ("Copy Fail") was fixed on our server.
Posted 2026-05-07
Categories:
News
A local privilege escalation (LPE) vulnerability affecting the Linux kernel has been publicly disclosed on April 29, 2026. The vulnerability has been assigned CVE ID CVE-2026-31431 and is referred to as Copy Fail. The affected component is a kernel module that provides hardware-accelerated cryptographic functions: algif_aead. The vulnerability affects all Ubuntu releases before Resolute (26.04) and has a high severity.
What does it do?In short, an unprivileged local user can write 4 controlled bytes into the page cache of any readable file on a Linux system, and use that to gain root.
On hosts that do not run container workloads, the vulnerability allows a local user to elevate privileges to the root user. The published exploit executes in this type of deployment. In container deployments that may execute potentially-malicious workloads, the vulnerability may facilitate container escape scenarios.
FixesOn May 1, fixes were available on ubuntu.com and we have updated all packages, installed kmod and upgraded all packages. Finally, we rebooted the system. The vulnerability has been closed on our server.
There was no impact to the Cableizer environment, no customer data was at risk, and no services were disrupted.