Skip to main content

CVE-2026-31431

Bulletin ID: 2026-026-AWS
Scope: Amazon
Content Type: Important (requires attention)
Publication Date: 05/06/2026 18:30 PM PDT
Modification Date: 05/13/2026 13:00 PM PDT
 

⚠️This is an ongoing issue. Information is subject to change. Please refer to our Security Bulletin (ID: 2026-030-AWS) for the most updated patching information.


Description:

Amazon is aware of an issue in the Linux kernel (CVE-2026-31431) that could potentially allow an authenticated local user to escalate privileges.

As a best practice, AWS recommends that you apply all security patches and software version updates as soon as they become available. Please refer to our Security Bulletin (ID: 2026-030-AWS) for the most updated patching information.

Related Security Bulletins - copy.fail variants

  1. Security Bulletin 2026-029-AWS - CVE-2026-43284 (also known as "Fragnesia")
  2. Security Bulletin 2026-027-AWS - CVE-2026-43284 and CVE-2026-31431 (also known as "DirtyFrag" or copy.fail 2)

References:

To find more information about "Dirty Frag" and other issues in Amazon Linux kernels (CVE-2026-31431), please refer to our Security Bulletin


Please email aws-security@amazon.com with any security questions or concerns.