2026-005: High Vulnerability in the Linux Kernel ("Copy Fail")

CERT-EU advisory for CVE-2026-31431 (“Copy Fail”) describes a local privilege escalation in the Linux kernel’s algif_aead (AF_ALG) module affecting mainstream kernels built since 2017; a PoC is public, the upstream fix was committed on 1 April 2026 but vendor patches were not yet shipped as of 30 April 2026, and recommended mitigations include disabling the algif_aead module and blocking AF_ALG sockets via seccomp (priority given to Kubernetes nodes and CI/CD runners).