Security ID : QSA-26-16
Local Privilege Escalation Vulnerability in Linux Kernel (Copy Fail)
Release date : May 2, 2026
CVE identifier : CVE-2026-31431
Not affected products:
All QNAP x86-based NAS
All QuTS hero NAS models
QNAP ARM-based NAS running QTS 4.x (these utilize older kernel versions).
QNAP ARM-based NAS running kernel versions other than 5.10.
Affected products:
QTS on specific QNAP ARM64 NAS models running Kernel 5.10
Severity
Moderate
Status
Resolved
Summary
A local privilege escalation vulnerability, commonly known as "Copy Fail", has been reported to affect the Linux kernel. If exploited, this vulnerability could allow an authenticated, non-administrator user with code execution capabilities to obtain elevated system privileges.
This vulnerability specifically affects systems that meet both of the following criteria:
- Architecture: ARM64.
- Kernel Version: Linux Kernel 5.10.
QNAP is currently investigating the issue and developing security updates. This advisory will be updated as soon as fixes are available.
Affected Products
The following operating system versions are affected:
- QTS on specific QNAP ARM64 NAS models running Kernel 5.10
To verify your NAS architecture and kernel version, please log in to QTS or check the technical specifications for your model at: https://www.qnap.com/go/release-notes/kernel
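The two criteria above can also be checked from a shell on the NAS. The script below is an added example, not QNAP tooling: it tests the output of `uname -m` and `uname -r` against "ARM64" and "Kernel 5.10". It assumes SSH access to a shell that provides `uname`; the function names and sample version strings are constructed for illustration. A match only means the host meets both criteria: the advisory limits the issue to specific models, and this check cannot tell whether the fixed firmware is already installed.

```shell
#!/bin/sh
# Added example (hypothetical helper names): test a host against the
# two criteria in QSA-26-16, ARM64 architecture and kernel 5.10.

# `uname -m` reports 64-bit ARM as "aarch64" (some systems use "arm64").
is_arm64() {
    case "$1" in
        aarch64|arm64) return 0 ;;
        *) return 1 ;;
    esac
}

# True only for the 5.10 series, e.g. "5.10", "5.10.60", "5.10.60-qnap".
# Rejects look-alikes such as "5.100.1" and "5.1.0" that a plain
# prefix match on "5.1" or "5.10" would get wrong.
is_kernel_5_10() {
    rel=${1%%[-+]*}                      # drop a local suffix like "-qnap"
    major=${rel%%.*}
    rest=${rel#*.}
    [ "$rest" = "$rel" ] && return 1     # no minor version present
    minor=${rest%%.*}
    [ "$major" = "5" ] && [ "$minor" = "10" ]
}

# Print "matches-criteria" when both conditions hold, else "no-match".
# Arguments: machine name, kernel release string.
copyfail_scope() {
    arch=$1
    release=$2
    if is_arm64 "$arch" && is_kernel_5_10 "$release"; then
        echo "matches-criteria"
    else
        echo "no-match"
    fi
}

# Classify the local host when the script is run on the NAS itself.
copyfail_scope "$(uname -m)" "$(uname -r)"
```

For an inventory of several devices, call `copyfail_scope` with each device's recorded architecture and kernel release instead of the local `uname` values.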
Products Not Affected
The following products and configurations are not impacted by this vulnerability:
- All QNAP x86-based NAS
- All QuTS hero NAS models
- QNAP ARM-based NAS running QTS 4.x (these utilize older kernel versions).
- QNAP ARM-based NAS running kernel versions other than 5.10.
Recommendation
The security vulnerability has been successfully patched. Please download and install the latest firmware to ensure your device remains secure.
Revision History:
V1.0 (May 2, 2026) - Published
V1.1 (May 25, 2026) - Change status to "Resolved"