Tag: vulnerability

CVE-2026-31431 (Copy Fail): Kernel Update on CloudLinux

CVE-2026-31431 (Copy Fail) is a Linux kernel local privilege escalation vulnerability in the algif_aead module (AF_ALG). Any unprivileged local user can gain root via a 732-byte Python exploit. All kernels since 2017 are affected.

CVE-2026-31431 (Copy Fail): Mitigation and Upcoming Patches for CloudLinux

Update on 2026-05-01

A follow-up advisory with full update instructions has been published here.

CVE-2026-31431 (Copy Fail) is a Linux kernel local privilege escalation in the algif_aead module (AF_ALG). Any unprivileged local user can gain root via a 732-byte Python exploit. All Linux kernels since 2017 are affected.

CVE-2024-1086 Vulnerability - Mitigation for CloudLinux OS servers


A new vulnerability was discovered in the Netfilter subsystem in the Linux kernel identified as CVE-2024-1086. The CloudLinux team is actively working to address and mitigate the security issue within our software.


*Please note: An update for April 3, 2024, has been added to the end of this post.

CVE-2023-4863 Security Vulnerability: CloudLinux Takes Action - Mitigation for CloudLinux OS Servers


A critical WebP 0-day security vulnerability, identified as CVE-2023-4863, has been newly discovered. The CloudLinux OS team is actively addressing and mitigating the security issue within our software.

 

To summarize the impact on different CloudLinux versions:

  • CloudLinux 7: No vulnerability found.
  • CloudLinux 8: Fixed version is libwebp-1.0.0-8.el8_8.1; please update your OS to this version.
  • CloudLinux 9: Fixed version is libwebp-1.2.0-7.el9_2; please update your OS to this version.

CloudLinux Takes Action Against Zenbleed Vulnerability: Upcoming Patches

 


CVE-2023-20593 (Cross-Process Information Leak on AMD Zenbleed systems) was published in the official security bulletin on July 25th, 2023. Please read this security blog to learn more about this vulnerability.


Table of contents:

1. Vulnerability description
2. Mitigation guide for CloudLinux OS
3. Updates as of August 3, 2023 - clarification on OS versions required for mitigation
4. Updates as of August 11, 2023 - update command for CloudLinux OS 7 hybrid added

 

CloudLinux has patched the “Dirty Pipes” vulnerability


The critical vulnerability CVE-2022-0847 affecting Linux kernels starting from 5.8 has been addressed by CloudLinux.

A security vulnerability in OpenSSL. Extended Support for CentOS 6 already has patches

 


On December 8, 2020, OpenSSL released an advisory patch for a high-risk null pointer dereference vulnerability found in the encryption library’s GENERAL_NAME_cmp() function. The vulnerability, assigned CVE-2020-1971, is rated High and cannot be ignored. The only higher level is Critical, which happens maybe once in 5 years.
