Together AI shuts down Copy Fail vulnerability in production

AI Impact Summary

The team swiftly mitigated a critical vulnerability (CVE-2026-31431), dubbed Copy Fail, by immediately disabling the vulnerable `algif_aead` crypto socket interface across the entire Together AI production fleet. This proactive response prevented potential exploitation of a logic bug in the Linux kernel that could have led to root access and compromise of underlying host systems, particularly within multi-tenant GPU environments. The team’s rapid action highlights the significant risk posed by shared kernel interfaces in modern AI infrastructure.