CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Ongoing updates on Copy.fail and variants

unknownpublic exploitCVE-2026-46300CVE-2026-43284CVE-2026-31431CVE-2026-43500
Bulletin ID: 2026-030-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 05/13/2026 10:00 PM PDT This is an ongoing issue. This bulletin will be updated as more information becomes available. Description: AWS is aware of the copy.fail or DirtyFrag class of issues - a set of privilege escalation issues affecting the Linux Kernel. We will update this bulletin as more information becomes available. Please see below for current patching timelines for affected services related to the Copy.fail kernel issue and all its variants. AWS recommends that customers apply all updates addressing these issues as soon as they are available. See more details at Security Bulletin (ID: 2026-030-AWS).

CSIRTS triage

What
A set of privilege escalation issues affecting the Linux Kernel.
Who is affected
AWS customers using the affected Linux kernel.
Urgency
Remediation is urgent due to the potential for exploitation.
Action
Apply all updates addressing these issues as soon as they are available.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch Linux kernel

Get an email when a new Linux kernel advisory drops — max one per day, one-click unsubscribe.

Details

Source
AWS Security Bulletins (INTL · vendor-psirt · site)
Severity
unknown
Published
2026-06-05
Exploitation
Not in CISA KEV at last sync

Original advisory: https://aws.amazon.com/security/security-bulletins/rss/2026-030-aws/

Exploitation outlook

EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.

Referenced CVEs

CVECSIRTS overviewExternal
CVE-2026-46300coverage & exploitation statusNVD · CVE.org
CVE-2026-43284coverage & exploitation statusNVD · CVE.org
CVE-2026-31431coverage & exploitation statusNVD · CVE.org
CVE-2026-43500coverage & exploitation statusNVD · CVE.org

Same CVEs, other sources

How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.

More from AWS Security Bulletins