Linode Status

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email [email protected] for assistance.

Investigating: We are continuing to investigate this issue.

Investigating: Akamai is aware of the recently disclosed “Copy Fail” vulnerability (CVE-2026-31431). We are assessing the issue and are working to address it across our product portfolio and internal systems. While we have not observed any related malicious exploits targeting our infrastructure, Akamai continuously works to reduce risks and enhance our security posture. We are taking both immediate and longer-term steps to mitigate potential impacts and help ensure the continued confidence of our customers.

Per our Shared Security Model[1], customers are responsible for making sure their service’s installed applications and code are securely configured and patched. Given the nature of this vulnerability, it should be assumed that all virtual machines running Linux are at-risk until patched. We will be publishing more details as patches are incorporated into the base images that we supply, but we strongly recommend customers deploy mitigations on all instances. Furthermore, the nature of the vulnerability suggests that container escapes are possible, so customers allowing untrusted workloads to execute in their containers may need to take additional steps to secure their containerized workloads.

We will provide further information regarding our posture and recommended actions for Akamai Compute customers who may be affected.

[1] https://www.akamai.com/legal/security

Investigating: We have updated our latest Linode kernel to version 7.0.5, which contains the upstream fix from kernel.org for the DirtyFrag vulnerabilities as well as the previous fixes for the recent CopyFail vulnerability. This kernel is available in Cloud Manager and we recommend customers using the Linode-compiled kernel update their configurations to this kernel. We are in parallel tracking the upstream Linux distributions and will provide another update when fixed versions have been released.

Investigating: Akamai is aware of the recently disclosed “DirtyFrag”[1] vulnerability that followed the “CopyFail”[2] disclosure. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems.

As with “CopyFail”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “DirtyFrag” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers.

As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected.

[1] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [2] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Resolved: We have completed our investigation and response to the “Copy Fail” Linux kernel local privilege escalation vulnerability (CVE-2026-31431). We have published a documentation article with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/