UpCloud responds to the “Copy Fail” and “Dirty Frag” Local Root Vulnerability exploits

Posted on 30 April 2026

A new and easily exploitable “Copy Fail” local root vulnerability was identified on April 29, 2026, impacting all Linux deployments. Due to its simplicity compared to typical Local Root Exploits (LREs), systems with untrusted local users are at the highest risk. Updates are required for all Cloud Servers using any Linux distribution including Managed Kubernetes worker nodes.

The UpCloud platform itself is unaffected by this issue. The nature of the exploit does not permit any form of virtual machine escape, which means a customer’s Cloud Server cannot be used to compromise the underlying host system or gain unauthorized access to other customers’ data or Cloud Servers. We can confirm the integrity and isolation of our Cloud Servers remain intact.

We will update the public templates for Linux distributions with the necessary mitigation patches as soon as they are made available by the respective distribution’s package maintainers. These updates will automatically apply to all new server deployments.

Updating existing Cloud Server operating systems to patch the vulnerability is at the user’s responsibility. We urge all users to update their systems as soon as patches become available.

Full details about the exploit can be found from https://copy.fail/

You ARE affected if:

  • You have a Linux server that was installed in 2017 or later.

You are at higher risk if:

  • Your system has local untrusted users, or
  • It is a shared environment with multiple users, or
  • Your system allows remote code execution by unprivileged users.

You are NOT affected if:

  • Your server is running a non-Linux operating system, such as Windows Server.

What do I need to do

To ensure the security, stability, and optimal performance of your Linux-based system, it is crucial to consistently keep the system up-to-date with the latest patches and security fixes.

This process involves fetching and installing the latest versions of all installed software packages, including the core Linux kernel.

Recommended procedures

Distribution FamilyCommand for Update Check and DownloadCommand for Applying Updates
Debian/Ubuntusudo apt updatesudo apt upgrade
Alma/CentOS/Fedora/Rockysudo dnf check-update or sudo yum check-updatesudo dnf upgrade or sudo yum update

Mitigating this vulnerability requires the system to be restarted after applying the patches.

Maintaining an up-to-date system is not a one-time operation but a continuous practice that must be integrated into the system administration routine.

UPDATE: New “Dirty Frag” Vulnerability

A new security flaw called Dirty Frag has been discovered that is closely related to the “Copy Fail” exploit described above. Like Copy Fail, this vulnerability allows a regular user to gain full administrative (root) control over a Linux system.

What you should do:

The most important step is to update your Linux kernel as soon as patches are available.

Patch release status

DistributionStatus
AlmaLinuxAlma 9 & 10 updated
CentOS StreamCentOS 10 updated
Debian GNU/LinuxDebian 12 & 13 updated
Fedora LinuxFedora 42 & 43 updated
Rocky LinuxRocky Linux 9 & 10 updated
UbuntuUbuntu 22.04 Updated
Ubuntu 24.04 Updated
Ubuntu 26.04 not affected
Managed KubernetesKubernetes 1.28, 1.29, 1.30, 1.31, 1.32, 1.32 & 1.35 templates updated

Summer promotion!

Start your free 30-day trial today and discover why thousands of businesses trust UpCloud

  • $500 free credits
  • Risk-free trial
  • Optimized performance
  • Scalable infrastructure
  • Top-tier security
  • Global availability

Sign up

See also

Purple background with white text saying "We're a Green Web Provider!" and a circular lightning bolt icon, emphasizing sustainable hosting.

We’re a Green Web Provider!

Good news everyone! The Green Web Foundation has verified UpCloud as a Green Web Provider. This means that anyone hosting their website on UpCloud can […]

Charley Mann

UpCloud promotional image with a purple background, featuring the company logo and text summarizing 2023 highlights, including new managed services and a data center.

Highlights of 2023: New managed services, data centre, and much more

With 2023 at an end and the new year before us, we wanted to reflect on some significant highlights of last year. Our heartfelt thanks […]

Artur Wikström

Growth Marketing Specialist

Map of Europe and a Kubernetes logo over Finland, highlighting that Kubernetes Community Day is coming to Helsinki.

We 💜 KCD Helsinki

Last week we attended Helsinki’s first Kubernetes Community Day – one of a global series of locally-defined events that help grow and sustain Kubernetes and […]

Charley Mann

Back to top