# Advisory on CVE-2026-31431

On April 30, 2026, the Linux kernel security team disclosed a vulnerability in the Linux kernel affecting the cryptographic API subsystem.

This vulnerability, known as **Copy Fail**, is a local privilege escalation flaw in the Linux kernel. A logic bug allows an unprivileged local user to gain root access on affected systems without requiring memory corruption or race conditions. A working public exploit is available that functions across major Linux distributions.

CVE-2026-31431 is assigned to this vulnerability and classified as **High** severity with a CVSS score of **7.8** by the Linux kernel CVE team.

## Impacted IONOS CLOUD products

| Product Ranges | Product                                                                                                                      | Impacted | Mitigated      | Patch Status   |
| -------------- | ---------------------------------------------------------------------------------------------------------------------------- | -------- | -------------- | -------------- |
| Compute        | [<mark style="color:blue;">Compute Engine (vCPU)</mark>](/cloud/compute-services/compute-engine/vcpu-server.md)              | No       | Not Applicable | Not Applicable |
| Compute        | [<mark style="color:blue;">Compute Engine (Dedicated Core)</mark>](/cloud/compute-services/compute-engine/dedicated-core.md) | No       | Not Applicable | Not Applicable |
| Container      | [<mark style="color:blue;">Managed Kubernetes</mark>](/cloud/containers/managed-kubernetes.md)                               | Yes      | In Progress    | In Progress    |
| Storage        | [<mark style="color:blue;">Block Storage</mark>](/cloud/backup-and-storage/block-storage.md) (HDD or SSD)                    | No       | Not Applicable | Not Applicable |
| Storage        | [<mark style="color:blue;">IONOS CLOUD Object Storage</mark>](/cloud/backup-and-storage/ionos-object-storage.md)             | Yes      | In Progress    | In Progress    |

## Risk on IONOS CLOUD user environment

Users running Linux-based virtual machines on <code class="expression">space.vars.ionos\_cloud</code> infrastructure must assess whether their guest operating systems are running vulnerable kernel versions. A local user on an affected guest system may be able to escalate privileges to root. <code class="expression">space.vars.ionos\_cloud</code> managed services that are listed as impacted are being actively remediated; <code class="expression">space.vars.ionos\_cloud</code> infrastructure manages access controls to those environments and there is no known direct exposure to end users from the affected services at this time.

## What action has IONOS CLOUD taken to mitigate the vulnerability?

<code class="expression">space.vars.ionos\_cloud</code> is aware of this vulnerability and has already initiated the required steps to mitigate this vulnerability. For Compute Engine infrastructure, our custom kernel configuration does not include the affected module, and those systems are not vulnerable. For impacted managed services, we are actively applying vendor-supplied patches and have confirmed that the affected kernel modules are not loaded on critical infrastructure nodes pending full remediation.

We will provide necessary updates as we learn more.

## What action can you take to mitigate the vulnerability?

If you run Linux-based virtual machines on <code class="expression">space.vars.ionos\_cloud</code>, apply the latest security updates from your Linux distribution vendor as soon as they become available. Patched packages have been released by Ubuntu, Red Hat, Debian, SUSE, and Fedora. Refer to your distribution's security tracker for patch availability. If a patch is not yet available for your kernel version, you can reduce risk by preventing the affected kernel module from loading until a patch is applied.

## How can I get help?

If you have further questions or concerns about this vulnerability, contact [<mark style="color:blue;">IONOS CLOUD Support</mark>](https://docs.ionos.com/cloud/support/general-information/contact-information).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.ionos.com/cloud/security-safeguards/vulnerability-register/2026/cve-2026-31431.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.