Our triage showed, that the security vulnerability reported in https://copy.fail/ doesn’t seem to affect the Linux kernel versions currently shipped in maintained releases of UCS (5.2-5) and those releases under extended maintenance (5.0-10, 4.4-9).
One explanation seems to be given by Tested on Debian 12.13 (doesn't work) · Issue #19 · theori-io/copy-fail-CVE-2026-31431 · GitHub . We actively monitor the situation. For extra precaution we recommend employing the workaround given in https://copy.fail/ (i.e. disable the algif_aead module in some way).