CVE-2026-31431 ("copy.fail") is a Linux kernel local privilege escalation vulnerability in the AF_ALG crypto path (involving the algif_aead module). It is not remotely exploitable on its own; an attacker would first need local code execution on a host. To reduce risk, Redpanda has deployed mitigations across Redpanda Cloud by blacklisting/unloading algif_aead, and we have no evidence of exploitation. The long-term remediation is to upgrade kernels as upstream/cloud-provider patches become available; customers who need a definitive compliance attestation should run their standard host vulnerability scans and consult OS/vendor guidance.
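One way to check a self-managed Linux host for the mitigation state described above (algif_aead both blocked in modprobe configuration and not resident in the kernel), as an added example that is not Redpanda's own tooling. It assumes the standard `/proc/modules` and `/etc/modprobe.d` locations; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: report whether algif_aead is loaded, blocked, or still loadable.
# Paths are parameters so the check can also run against collected copies.
MODULE=algif_aead

# Return 0 if $MODULE is listed as a loaded module in a /proc/modules-format file.
module_loaded() {
    # The module name is the first field; later fields list dependants.
    awk -v m="$MODULE" '$1 == m { found = 1 } END { exit !found }' "${1:-/proc/modules}"
}

# Print each modprobe directive ("blacklist", "install") that names $MODULE.
module_directives() {
    dir="${1:-/etc/modprobe.d}"
    for f in "$dir"/*.conf; do
        [ -f "$f" ] || continue
        # Ignore commented lines; modprobe treats '-' and '_' in names as equal.
        awk -v m="$MODULE" '
            /^[ \t]*#/ { next }
            ($1 == "blacklist" || $1 == "install") {
                name = $2; gsub(/-/, "_", name)
                if (name == m) print $1
            }' "$f"
    done | sort -u
}

# "loaded":    module is resident, so a config entry alone has not removed it
# "mitigated": not resident and a blacklist/install directive is present
# "loadable":  not resident, but nothing in modprobe.d blocks it
mitigation_status() {
    if module_loaded "$1"; then
        echo loaded
    elif [ -n "$(module_directives "$2")" ]; then
        echo mitigated
    else
        echo loadable
    fi
}

# With no arguments, report on the live host.
mitigation_status "${1:-/proc/modules}" "${2:-/etc/modprobe.d}"
```

A `loaded` result on a host that already has a directive in place means the module was resident before the configuration was applied and still needs unloading.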
Important note: If you have any questions about this, please reach out to Support at support.redpanda.com or raise a Support Ticket, quoting this KB article.