Linux kernel "Copy Fail" vulnerability (CVE-2026-31431)
Summary
A local privilege escalation vulnerability has been disclosed in the Linux kernel (CVE-2026-31431), nicknamed Copy Fail. The flaw is in the algif_aead hardware-accelerated crypto kernel module and carries a CVSS 3.1 score of 7.8 (HIGH).
This vulnerability does not affect the Art of WiFi software itself. It does, however, affect the Linux kernel of any Ubuntu server running the self-hosted version of our captive portal — and we recommend Ubuntu LTS for self-hosted deployments. All Ubuntu LTS releases up to and including 24.04 (Noble) are affected; 26.04 (Resolute) is not.
Recommendations
Apply Ubuntu security updates as soon as possible and reboot the host to ensure the mitigation takes effect: sudo apt update && sudo apt upgrade.
If you have unattended-upgrades enabled (the default on Ubuntu 16.04 LTS onwards), the patch will have been applied already. If you cannot reboot immediately, the updated kmod package blocks the affected module via a modprobe configuration — see the Ubuntu Security Team article below for the per-release version table and a manual mitigation procedure.
Customers on our cloud-hosted captive portal do not need to take any action — we handle patching.
When in doubt, please reach out to us: