This article clarifies the impact of CVE-2026-31431, also known as "Copy Fail," on containerized environments, specifically focusing on VMware Photon OS images and Bitnami Secure Images (BSI).

CVE-2026-31431, also known as “Copy Fail”, is a Linux kernel local privilege escalation vulnerability affecting the algif_aead module / AF_ALG userspace crypto API. Public reports describe it as a flaw in the Linux kernel that may allow an unprivileged local user to escalate privileges on a vulnerable Linux host.

Bitnami Secure Images (BSI) container images are not directly affected by this CVE because container images do not ship or control the Linux kernel used at runtime. Containers use the kernel of the underlying container host, Kubernetes node, or VM.

Bitnami Secure Images container images

CVE-2026-31431 is a vulnerability in the Linux kernel, specifically in the algif_aead / AF_ALG crypto interface. It is not a vulnerability in a user-space package, application library, or file included inside a BSI container image.

A container image contains the application, user-space libraries, package metadata, and filesystem layers. It does not contain the running host kernel. When a BSI container runs on Kubernetes or Docker, it uses the kernel provided by the Kubernetes node, container host, or underlying VM.

Because of this architecture, CVE-2026-31431 may affect the runtime environment where the container is executed, but it does not directly affect the BSI container image itself.

No BSI container image rebuild is required specifically to remediate CVE-2026-31431.

To remediate this vulnerability, customers should patch or mitigate the Linux kernel on the systems that run the containers.