We are reaching out to keep you informed about a recently disclosed Linux kernel vulnerability, CVE-2026-31431 ("Copy Fail"), and to confirm that we have already taken action to protect your environment.

https://copy.fail/#exploit

This vulnerability exploits a logic flaw in the kernel's crypto API (AF_ALG) that allows an unprivileged local user to gain root access. It affects all major Linux distributions in that window, including Ubuntu, RHEL, Amazon Linux, and SUSE.

We have already implemented the recommended workaround: disabling the algif_aead kernel module. This fully closes the attack vector while a kernel patch is applied. We are also in the process of applying the upstream kernel patch (mainline commit a664bf3d603d) across affected systems.

This mitigation has no measurable impact on your workloads.
We are monitoring the situation and will confirm once all systems are fully patched.