Carbon’s Response to the Industry-Wide Linux “Copy Fail” Vulnerability (CVE-2026-31431)

May 1, 2026

On April 29, 2026, security researchers publicly disclosed a flaw in the Linux operating system — the software that runs underneath most of the modern internet, including cloud services, connected devices, and industrial equipment. The flaw has been nicknamed “Copy Fail” (formal name: CVE-2026-31431).

This is not a Carbon-specific issue. It is an issue in technology used broadly across the technology industry, and security teams at companies around the world have been responding to it over the past several days. We are publishing this post so that our customers, partners, and the broader Carbon community can clearly see how Carbon has responded.

Your Carbon devices have been patched

We have already applied a security fix to all Carbon hardware (printers and washers) that were online overnight on April 30. This includes printers enrolled in our Version Lock program, as Carbon retains the ability to apply critical security fixes to all printers when necessary.

If your printer or washer was powered down or offline overnight on April 30 – May 1 (US Pacific Time), it will be patched at a future date. No action is required from you.

Importantly, this was a security action only. It did not change your installed software version, and it did not alter any core printing or washing functionality.

What “Copy Fail” is, in plain terms

Under specific conditions, the flaw allows someone who already has access to a Linux machine to gain a higher level of control of that machine than they were supposed to have. It does not, by itself, give an outside attacker on the internet a way in. The risk arises when this flaw is combined with some other foothold on a system.

Because Linux is so widely deployed, the disclosure prompted a coordinated response across many companies — Linux distribution maintainers, cloud providers, equipment vendors, and software-as-a-service companies have all been issuing patches and advisories.

Carbon’s response

Carbon takes the security of your data and the continuity of your operations extremely seriously. Our security team continuously monitors for situations like this so we can act quickly when one arises. Within hours of the public disclosure, Carbon stood up a coordinated, top-priority response that included:

A complete inventory of Linux systems across our cloud services, internal infrastructure, and connected devices.
Deployment of appropriate fixes across all Carbon hardware and cloud services.
Active monitoring and threat-hunting across our environment for any indicator of misuse.

No breach detected

As of this writing, we have not detected any sign that this flaw has been used against Carbon systems or customer data. We will update you if that picture changes in any way that’s relevant to you.

Subscribe to our Newsletter

Business Email Address*

Industry * Please select an industry so we can send you the appropriate newsletter!

First Name (Optional)

Last Name (Optional)

Consent to receive direct marketing:
By clicking on the "Subscribe" button, you agree to receive communications about Carbon products, services, surveys, events, publications and promotions relevant to your industry. You can unsubscribe at any time by clicking the link provided in each communication.

By clicking on the "Subscribe" button, you also confirm that you understand and agree that this use of Carbon's web site is subject to the Carbon3d.com Terms of Use and you agree to the processing of your personal data by Carbon as described in the Privacy Policy.