Copy Fail (CVE-2026-31431) is severe enough that we wanted to create a patch ASAP.
If you run AlmaLinux on a multi-tenant host, container build farm, CI runner, or any system where untrusted users can get a shell, please read this blog post!
https://almalinux.org/blog/2026-05-01-cve-2026-31431-copy-fail/
AlmaLinux
npub1ax…3lujq
2026-05-01 14:29:28 UTC
Author Public Key
npub1ax5chf02hudke2wumsdjujenxtpsxjg94qgqtk5zldezkw4xpt0sx3lujqSeen on
wss://relay.momostr.pinkPublished at
2026-05-01 14:29:28 UTCEvent JSON
{
"id": "762bb5d2fdd1d0b16fc029c8cdb8b724f12c16f7c8737c9c388aa8558020bc70",
"pubkey": "e9a98ba5eabf1b6ca9dcdc1b2e4b3332c3034905a81005da82fb722b3aa60adf",
"created_at": 1777645768,
"kind": 1,
"tags": [
[
"proxy",
"https://fosstodon.org/@almalinux/116499793084373127",
"web"
],
[
"proxy",
"https://fosstodon.org/users/almalinux/statuses/116499793084373127",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://fosstodon.org/users/almalinux/statuses/116499793084373127",
"pink.momostr"
],
[
"-"
]
],
"content": "Copy Fail (CVE-2026-31431) is severe enough that we wanted to create a patch ASAP.\n\nIf you run AlmaLinux on a multi-tenant host, container build farm, CI runner, or any system where untrusted users can get a shell, please read this blog post!\n\nhttps://almalinux.org/blog/2026-05-01-cve-2026-31431-copy-fail/",
"sig": "e25662a69de6a78a0fee9923f49b82575cd993486dac5bb3c56c84b879fb6e86885eac3cb4d9e40e794f7c77984e5f73805643192c448b0c8d83925961f40101"
}