What is GCP-2026-028?

GCP-2026-028 is a security advisory published by Google Cloud Security Bulletins with High severity. GCP-2026-028 — Published: 2026-05-05Updated: 2026-05-27Description Description Severity Notes CVE-2026-31431, also known as "Copy Fail," is a…

Which CVE IDs does GCP-2026-028 cover?

GCP-2026-028 covers the following CVE IDs: CVE-2026-31431. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

GCP-2026-028High

GCP-2026-028 — Published: 2026-05-05Updated: 2026-05-27Description Description Severity Notes CVE-2026-31431, also known as "Copy Fail," is a…

Vendor

Google Cloud Security Bulletins

Published

May 20, 2026

Last Modified

—

🔗 CVE IDs covered (1)

CVE-2026-31431 →

📋 Description

Published: 2026-05-05Updated: 2026-05-27Description Description Severity Notes CVE-2026-31431, also known as "Copy Fail," is a high-severity local privilege escalation (LPE) vulnerability in the Linux kernel that allows an unprivileged user to gain root access. Disclosed in late April 2026, it stems from a logic flaw in the kernel's cryptographic subsystem (algif_aead) introduced in 2017. What should I do? Google recommends that customers protect their Linux Guest VMs by updating the kernel on all Linux VMs. Major distributions have released or are rolling out fixes. High CVE-2026-31431

🔗 References (1)

advisoryhttps://docs.cloud.google.com/support/bulletins/index#gcp-2026-028