A critical local privilege escalation vulnerability (CVE-2026-31431, "Copy Fail") in the Linux kernel's authencesn cryptographic template allows unprivileged users to modify the page cache to gain root. The simple 10-line exploit affects almost all distributions since 2017; major vendors including Debian are shipping patches. While not remotely exploitable alone, it enables container escapes and poses risks when chained with RCE or SSH compromises.
Safety
Linux cryptographic code flaw offers fast route to root
CVE-2026-31431 ('Copy Fail') exposes a critical Linux kernel cryptographic flaw exploitable with just 10 lines of code, affecting virtually all distributions since 2017 and enabling container escapes.
Thursday, April 30, 2026 12:00 PM UTC2 MIN READSOURCE: The RegisterBY sys://pipeline
Tags
safety
/// RELATED
Infrastructure5d ago
Copy Fail — 732 Bytes to Root
Copy Fail, a critical Linux kernel privilege escalation affecting all major distros since 2017, lets unprivileged users reach root via the default-enabled AF_ALG crypto API—hitting multi-tenant systems, Kubernetes, and cloud SaaS especially hard.
Safety5d ago
Copy Fail: 732 Bytes to Root on Every Major Linux Distributions
CVE-2026-31431 (Copy Fail) enables unprivileged users to achieve root access across all major Linux distributions via a 732-byte exploit script targeting kernel page cache corruption present since 2017.