SiteHost

Linux vulnerability ‘Copy Fail’ - we’ve already patched Cloud Containers and managed servers

We’ve already patched Cloud Containers and managed servers against a zero-day vulnerability in Linux, affecting all versions shipped since 2017.

.
/
Date
Photo of a padlock and keys with a laptop in the background.

A newly discovered vulnerability threatens every Linux distribution shipped since 2017. 

According to Xint, the security researchers who discovered the vulnerability, CVE-2026-31431 (also known as Copy Fail) makes it possible for “unprivileged local users [to] write 4 controlled bytes into the page cache of any readable file on a Linux system, and use that to gain root access”.

Cloud Containers and managed servers are already patched

We have acted fast and patched Linux on the Cloud Container platform and on all managed servers (Virtual Servers, VDS, Dedicated Servers). In all of these cases, Copy Fail is no longer a vulnerability. 

If you have any unmanaged servers, it’s your responsibility to patch Linux. We recommend acting as quickly as possible.

  • Running Ubuntu? See their CVE-2026-31431 security page.

  • The Debian security tracker shows which versions are fixed.

  • For AlmaLinux the situation can be different. If you’re running CloudLinux on top of AlmaLinux, Copy Fail is less severe but you will need to check through binaries that are allowed for individual users. If you’re running AlmaLinux alone, the severity is as high as for any other distro. They're yet to release a fix as we’re writing this, but we will keep an eye on their progress.

You can expect more of this

Earlier this year we reported that web security is changing. Thanks to automated, AI-driven tools, hundreds of new software vulnerabilities are now reported every day. Copy Fail is a good example of a severe vulnerability that went undiscovered for almost a decade before modern technology made it so much easier to probe for weaknesses.

If you are managing your own servers, you need to be prepared for a future where CVEs are harder to keep up with, urgent patching is required more often, and malicious actors are better equipped than ever.

Chart showing a sharp increase in CVES over the last 3 years.With Server Management, patches like these almost take care of themselves

This is another example of how valuable Server Management can be when high severity bugs are found. If we manage your Virtual Server, VDS or Dedicated Server for you, we jump to attention on your behalf. In an ideal world you wouldn’t even hear about bugs like Copy Fail until after we’ve quickly protected your server against them.

Get in touch with us today and we can talk about adding Server Management and taking worries like Copy Fail off your mind.

Photo by mariaenithmae from Pixabay.