Linux kernel "Copy Fail" vulnerability (CVE-2026-31431)

ServerPilot has applied mitigations to all servers for the Linux kernel vulnerability known as Copy Fail. This vulnerability in the Linux kernel’s algif_aead module allows local privilege escalation and affects all Linux distributions, including Ubuntu.

The Linux kernel’s algif_aead module provides hardware-accelerated cryptographic functions. This module is rarely used, and programs that use it will generally fall back to userspace (non-kernel space) cryptographic functions if the module cannot be loaded.

Affected Ubuntu releases

The vulnerability affects all Ubuntu releases before Ubuntu 26.04.

What we have done

ServerPilot has applied the recommended mitigation to all servers by configuring servers to not load the algif_aead module.

Servers that are not in a healthy state may not have had the mitigation applied. See below for how to verify the mitigation was applied to a server.

What Ubuntu has done

Ubuntu has released an updated version of the kmod package that patches the vulnerability. Servers that have automatic updates enabled (the ServerPilot default) and that are running Ubuntu releases that still receive updates will automatically install the updated kmod package.

Servers that are not in a healthy state may not be able to install the updated kmod package. See below for how to verify the updated kmod package was installed on a server.

What you should do

Confirm the server still receives updates from Ubuntu

Servers running Ubuntu 20.04 or earlier do not receive updates from Ubuntu unless the server is running the paid version of Ubuntu called Ubuntu Pro.

If a server is running Ubuntu 20.04 or earlier and is not running Ubuntu Pro, you should upgrade the server to Ubuntu 22.04 or later.

To determine which Ubuntu release a server is running, either view the server’s OS Info in the ServerPilot dashboard or run the following command on the server:

cat /etc/lsb-release

Confirm the kmod package was updated

To determine the version of the kmod package installed on a server, either view the server’s OS Info in the ServerPilot dashboard or run the following command on the server:

dpkg --list kmod

Next, check if the version is equal to or greater than the patched kmod package version.

Ubuntu release    Patched kmod package version
Ubuntu 26.04      Not affected
Ubuntu 24.04      31+20240202-2ubuntu7.2
Ubuntu 22.04      29-1ubuntu1.1
Ubuntu 20.04      27-1ubuntu2.1+esm1
Ubuntu 18.04      24-1ubuntu3.5+esm1
Ubuntu 16.04      22-1ubuntu5.2+esm1
Ubuntu 14.04      15-0ubuntu7+esm1

If the package has not been updated, SSH into your server as root and run the following command to update the kmod package:

sudo apt update && sudo apt install --only-upgrade kmod

Confirm ServerPilot’s mitigation was applied

To confirm ServerPilot’s mitigation was applied, SSH into your server and run the following command:

if [ -f /etc/modprobe.d/serverpilot-disable-algif_aead.conf ]; then echo "File exists"; else echo "File does not exist"; fi

If the output from the above command is File exists, the mitigation was applied.
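
The kmod version check and the mitigation file check above, combined into one script. This is an added example, not ServerPilot's own tooling; the function names and the --run switch are assumptions made for it. It also reports whether algif_aead is already loaded, because a modprobe.d file does not unload a module that is already running.

```shell
#!/bin/sh
# Added example (not ServerPilot's tooling). Function names are hypothetical.
CONF=/etc/modprobe.d/serverpilot-disable-algif_aead.conf  # path from this page

# Patched kmod version per release, copied from the table on this page.
patched_version() {
    case "$1" in
        26.04) echo "not-affected" ;;
        24.04) echo "31+20240202-2ubuntu7.2" ;;
        22.04) echo "29-1ubuntu1.1" ;;
        20.04) echo "27-1ubuntu2.1+esm1" ;;
        18.04) echo "24-1ubuntu3.5+esm1" ;;
        16.04) echo "22-1ubuntu5.2+esm1" ;;
        14.04) echo "15-0ubuntu7+esm1" ;;
        *) return 1 ;;
    esac
}

# kmod_status RELEASE INSTALLED -> patched | outdated | not-affected | unknown
kmod_status() {
    want=$(patched_version "$1") || { echo unknown; return; }
    [ "$want" = "not-affected" ] && { echo not-affected; return; }
    command -v dpkg >/dev/null 2>&1 || { echo unknown; return; }
    # dpkg applies Debian version ordering, so suffixes like +esm1 compare correctly.
    if dpkg --compare-versions "$2" ge "$want"; then echo patched; else echo outdated; fi
}

# mitigation_status [CONF] [MODULES_FILE] -> applied | applied-but-loaded | missing
mitigation_status() {
    conf=${1:-$CONF}; mods=${2:-/proc/modules}
    [ -f "$conf" ] || { echo missing; return; }
    # A modprobe.d file does not unload a module that is already loaded.
    if grep -q '^algif_aead ' "$mods" 2>/dev/null; then echo applied-but-loaded
    else echo applied; fi
}

check_host() {
    . /etc/lsb-release   # sets DISTRIB_RELEASE, e.g. 22.04
    ver=$(dpkg-query -W -f='${Version}' kmod)
    echo "Ubuntu $DISTRIB_RELEASE, kmod $ver: $(kmod_status "$DISTRIB_RELEASE" "$ver")"
    echo "algif_aead mitigation: $(mitigation_status)"
}

# The --run switch is an assumption of this example: sh check.sh --run
if [ "${1:-}" = "--run" ]; then check_host; fi
```

A result of "unknown" means the release is not in the table above or dpkg is unavailable; "applied-but-loaded" means the file exists but the module was loaded before it took effect.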

Contact support

If you have questions about your server, please contact support.