CVE-2026-31431 (CopyFail) mitigation applied to server images
We have applied a security mitigation for CVE-2026-31431 (CopyFail vulnerability) across all supported server images. The following operating systems now include this fix:
- Debian 12
- Debian 13
- Ubuntu 22.04
- Ubuntu 24.04
- Ubuntu 26.04
The mitigation blacklists the affected kernel modules at boot and prevents them from loading. No customer action is required. Newly deployed servers automatically include this protection.
Workaround for Existing Servers
For servers deployed before this update, you can manually apply the mitigation by disabling the algif_aead kernel module. We recommend this workaround for all Linux distributions.
Run the following commands as root:
12echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.confrmmod algif_aead 2>/dev/null || true
This works on all major distributions:
- Debian family: Debian, Ubuntu
- Red Hat family: RHEL, AlmaLinux, Rocky Linux
- SUSE family: SUSE, openSUSE
- Other distributions: Arch Linux, Gentoo, Amazon Linux, Oracle Linux
The first command prevents the module from loading on future boots. The second unloads it immediately if it's currently loaded.