The AlmaLinux OS Foundation has released critical kernel updates to address CVE-2026-31431, a high-severity vulnerability known as "Copy Fail". In a proactive move for security, the AlmaLinux core team and the Technical Steering Committee (ALESCo) made the decision to build and ship these patches ahead of their upstream (Red Hat).
Table of Contents
Patched Kernels Now in Production Repositories of AlmaLinux
As of May 1, 2026, patched kernels are officially available in production repositories. Users no longer need to enable the testing repository to secure their Alma Linux systems.
To apply the Copy Fail (CVE-2026-31431) patch in AlmaLinux, run the following commands:
sudo dnf clean all
sudo dnf upgrade
sudo reboot
Why Copy Fail Patch is Mandatory
For those unaware, Copy Fail is a straight-line logic flaw in the Linux kernel's cryptographic subsystem that allows any unprivileged local user to escalate to root privileges with 100% reliability.
- The Exploit: A simple 732-byte Python script can trigger a deterministic 4-byte write into the system's page cache.
- Stealth: Because the attack corrupts the in-memory version of a file (like
/usr/bin/su) rather than the version on disk, standard file integrity tools will not detect any changes. - Container Escape: On multi-tenant hosts or container build farms, this bug serves as a container escape mechanism because the page cache is shared across the entire host.
To protect your AlmaLinux systems, you need to apply this patch as soon as possible.
Patched Kernel Versions in AlmaLinux
Verify your system is running one of the following versions (or higher) by using uname -r:
| Release | Patched Kernel Version |
|---|---|
| AlmaLinux 8 | 4.18.0-553.121.1.el8_10 |
| AlmaLinux 9 | 5.14.0-611.49.2.el9_7 |
| AlmaLinux 10 | 6.12.0-124.52.2.el10_1 |
| AlmaLinux Kitten 10 | 6.12.0-225.el10 |
AlmaLinux Used the Mainline Fix
While all supported AlmaLinux releases were affected, the core team utilized the mainline community fix (commit a664bf3d603d) to protect users while official patches from Red Hat were still being finalized.
Thanks to AlmaLinux core team, AlmaLinux users are now protected from this widespread flaw, which has been present in Linux distributions since 2017.
For further details, you can review the official AlmaLinux errata for your version: AlmaLinux 8, AlmaLinux 9, or AlmaLinux 10.
Related Read:
