UTHPC incident

Possible temporary service interruptions due to Critical Linux Kernel Vulnerability (CVE-2026-31431)

Minor Resolved View vendor source →

UTHPC experienced a minor incident on April 30, 2026, lasting —. The incident has been resolved; the full update timeline is below.

Started
Apr 30, 2026, 06:45 AM UTC
Resolved
Apr 30, 2026, 06:45 AM UTC
Duration
Detected by Pingoru
Apr 30, 2026, 06:45 AM UTC

Update timeline

  1. resolved Apr 30, 2026, 06:45 AM UTC

    Type: Incident Duration: 7 hours and 4 minutes Affected Components: RStudio, kubernetes.hpc.ut.ee, Open OnDemand, puhuri.metacenter.no, puhuri-portal.neic.no, minu.etais.ee, account.lumi.cscs.ch, my.lumi-supercomputer.eu, docs.hpc.ut.ee, lumi.deic.dk, hpc.ut.ee, Galaxy, support.hpc.ut.ee, registry.hpc.ut.ee, rocket.hpc.ut.ee Apr 30, 09:43:20 GMT+0 - Identified - We have created a documentation for CVE-2026-31431 mitigation: This is primarily useful for UT Cloud virtual machine managers. We'll keep updating the document with the best approaches as we learn more. Apr 30, 13:48:46 GMT+0 - Resolved - We have applied mitigation measures for the Critical Linux Kernel Vulnerability (CVE-2026-31431) across all affected services. The incident is resolved. However, the virtual machine managers are still required to apply the patches following the guides published here: You are welcome to contact support for additional information: [[email protected]](mailto:[email protected]) Best, UT HPC Center Apr 30, 06:45:03 GMT+0 - Identified - Due to the recently disclosed “[Copy Fail](https://copy.fail/)” (CVE-2026-31431) Linux kernel vulnerability, our system administrators are actively applying mitigation measures and updates across all Tartu University HPC Center systems today. As a result, you may experience temporary interruptions or reduced service availability while this work is in progress. All UT HPC services are affected. At this time, the work is expected to be completed today; however, we will provide further updates if the situation extends beyond today.continuing to work on a fix for this incident. **Users running their own Linux virtual machines are advised to apply the recommended patches on their systems by following the instructions provided in the “Mitigation” section of the** [**CVE-2026-31431 advisory**](https://copy.fail/)**.** Thank you for your understanding. Apr 30, 08:41:41 GMT+0 - Identified - We are providing an update on the mitigation for the Critical Linux Kernel Vulnerability (CVE-2026-31431). We have learned that the mitigation described in CVE-2026-31431 is not effective on all Linux-based instances. Specifically, machines running RHEL or SUSE operating systems are currently not supported. As the respective OS providers have not yet released the required patches, we are recommending the following steps: ``` python3 -c " import socket, sys try: s = socket.socket(socket.AF_ALG, socket.SOCK_SEQPACKET, 0) s.bind(('aead', 'authencesn(hmac(sha256),cbc(aes))')) print('VULNERABLE - continue with next steps') sys.exit(1) except OSError as e: print('Not vulnerable:', e) sys.exit(0) " ``` 2\. Add a kernel parameter of `initcall_blacklist=algif_aead_init` to `/etc/default/grub`: ``` sed -i "s|^\(GRUB_CMDLINE_LINUX=\".*\)\"\s*$|\1 initcall_blacklist=algif_aead_init\"|" /etc/default/grub ``` 3\. Check the result: ``` grep GRUB_CMDLINE_LINUX /etc/default/grub # The line needs to end with initcall_blacklist=algif_aead_init", for example GRUB_CMDLINE_LINUX="... initcall_blacklist=algif_aead_init" Fix manually if necessary ``` 4\. Update GRUB configuration: ``` grub2-mkconfig -o /boot/grub2/grub.cfg ``` 5\. Reboot the machine: ``` reboot -h now ``` 6\. Check again with the first script For instance, running Debian or Ubuntu, mitigation can be applied by installing the latest available kernel version and rebooting the machine.