Use cases
Software Products E-commerce MSPs Schools Development & Marketing DevOps Agencies Help Desk
Company
Internet Status Blog Pricing Log in Get started free

Outage in Linode

(Copy Fail) Linux Kernel Local Privilege Escalation Vulnerability [CVE-2026-31431]

Resolved Minor
May 01, 2026 - Started 24 days ago - Lasted 4 days
Official incident page

Incident Report

Summary AI Generated

Linode responded to the "Copy Fail" Linux kernel local privilege escalation vulnerability (CVE-2026-31431) that affected all Linux virtual machines across their global infrastructure, including compute instances, Kubernetes clusters, storage, and networking services. The vulnerability posed risks of privilege escalation and potential container escapes for customers running untrusted workloads. After a 100.5-hour investigation, Linode published detailed mitigation guidance and recommended that customers apply patches to all affected Linux systems.

Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers. Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads. We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected. [1] https://www.akamai.com/legal/security
Components affected
Linode US-Central (Dallas) Block Storage Linode EU-Central (Frankfurt) Object Storage Linode EU-West (London) Linode US-Southeast (Atlanta) Backups Linode AP-West (Mumbai) NodeBalancers Linode US-West (Fremont) Backups Linode EU-West (London) NodeBalancers Linode AP-Southeast (Sydney) Backups Linode CA-Central (Toronto) NodeBalancers Linode US-Southeast (Atlanta) Linode US-Central (Dallas) Backups Linode AP-Northeast-2 (Tokyo 2) Linode US-East (Newark) Object Storage Linode AP-West (Mumbai) Kubernetes Engine Linode AP-Northeast-2 (Tokyo 2) NodeBalancers Linode CA-Central (Toronto) Kubernetes Engine Linode AP-Northeast-2 (Tokyo 2) Block Storage Linode EU-Central (Frankfurt) Linode US-East (Newark) Block Storage Linode AP-South (Singapore) Kubernetes Engine Linode US-East (Newark) Backups Linode US-East (Newark) Linode US-East (Newark) Kubernetes Engine Linode AP-Southeast (Sydney) NodeBalancers Linode US-West (Fremont) Kubernetes Engine Linode EU-West (London) Backups Linode AP-West (Mumbai) Block Storage Linode EU-Central (Frankfurt) Kubernetes Engine Linode AP-West (Mumbai) Linode AP-Northeast-2 (Tokyo 2) Kubernetes Engine Linode US-Southeast (Atlanta) NodeBalancers Linode US-Central (Dallas) Kubernetes Engine Linode US-West (Fremont) NodeBalancers Linode CA-Central (Toronto) Block Storage Linode AP-West (Mumbai) Backups Linode EU-Central (Frankfurt) Backups Linode EU-West (London) Block Storage Linode AP-South (Singapore) Object Storage Linode US-Central (Dallas) Linode AP-Northeast-2 (Tokyo 2) Backups Linode CA-Central (Toronto) Backups Linode AP-South (Singapore) Backups Linode AP-South (Singapore) NodeBalancers Linode AP-Southeast (Sydney) Kubernetes Engine Linode EU-West (London) Kubernetes Engine Linode CA-Central (Toronto) Linode EU-Central (Frankfurt) NodeBalancers Linode AP-South (Singapore) Block Storage Linode AP-South (Singapore) Linode US-West (Fremont) Linode EU-Central (Frankfurt) Block Storage Linode AP-Southeast (Sydney) Linode US-Central (Dallas) NodeBalancers Linode US-West (Fremont) Block Storage Linode US-East (Newark) NodeBalancers

Trusted by 1,000+ teams

The Status Page Aggregator with Early Outage Detection

Stop finding out about outages from your users. Monitor 6,320+ cloud services and get alerted the second something breaks.

Start Free Trial Learn More
IsDown status aggregator dashboard
Latest Updates ( sorted recent to last )
RESOLVED 20 days ago - at 05/05/2026 10:19PM

We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email support@linode.com for assistance.

INVESTIGATING 24 days ago - at 05/01/2026 05:52PM

We are continuing to investigate this issue.

INVESTIGATING 24 days ago - at 05/01/2026 05:51PM

Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Latest Linode outages

Service Issue - Paris (FR-PAR3) - 4 days ago
Emerging Service Issue - GPU Deployment - 6 days ago
Emerging Service Issue - [Linodes and Linode Kubernetes Engine (LKE)] - [All Regions] - 10 days ago
Investigating - Linode VM Migration Delays (All Regions) - 11 days ago
[Fragnesia] Linux Privilege Escalation Vulnerability - 12 days ago

The Status Page Aggregator with Early Outage Detection

With IsDown, you can monitor all your critical services' official status pages from one centralized dashboard and receive instant alerts the moment an outage is detected. Say goodbye to constantly checking multiple sites for updates and stay ahead of outages with IsDown.

Start free trial

No credit card required · Cancel anytime · 6320 services available

Integrations with Slack Microsoft Teams Google Chat Datadog PagerDuty Zapier Discord Webhook