Copy Fail (CVE-2026-31431) Patches Released
AlmaLinux released updated kernels that fix Copy Fail (CVE-2026-31431).
AlmaLinux just released patched kernels for AlmaLinux 8, 9 and 10 that address the Copy Fail (CVE-2026-31431) vulnerability. These fixes supersede our two rounds (#1 & #2) of unofficial hotfixes for BlueOnyx.
The patched kernels are now rolling out to the AlmaLinux production repositories/mirrors. Just run the following command to get them and yes: The recommendation is to reboot after the updates have been installed. Although we are confident that our hotfix workaround for CVE-2026-31431 holds water, for the best protection you should follow the official procedure and reboot after having installed the official kernel.
sudo dnf clean metadata && sudo dnf upgrade
sudo rebootPlease note: They also mention this that most of their mirrors have a sync frequency of 3 hours. If the updates are not available to you yet we recommend trying again in about an hour.
What's interesting is that they didn't wait for "upstream" patches from RedHat, but proactively went ahead and did this:
Security is a top priority at AlmaLinux, and the severity of this flaw — combined with how trivial it is to exploit — meant we did not want to wait. Patches are not yet available from Red Hat, so our core team has built patched kernels using the upstream fix (mainline commit a664bf3d603d, which reverts the 2017 optimization that introduced the bug). The decision to ship these ahead of a CentOS Stream / RHEL update was made by our technical steering committee, ALESCo.
Patched kernel versions
- AlmaLinux 8 is patched in
kernel-4.18.0-553.121.1.el8_10and above - AlmaLinux 9 is patched in
kernel-5.14.0-611.49.2.el9_7and above - AlmaLinux 10 is patched in
kernel-6.12.0-124.52.2.el10_1and above - AlmaLinux Kitten 10 is patched in
kernel-6.12.0-225.el10and above