Copy Fail (CVE-2026-31431) is a critical privilege escalation vulnerability in the Linux kernel's cryptographic authentication template affecting all major distributions since 2017. An unprivileged user can exploit a page cache corruption bug with a 732-byte Python script to gain root access. Corrupted pages are not marked dirty, remaining invisible to on-disk checksums while affecting all reads system-wide.
Safety
Copy Fail: 732 Bytes to Root on Every Major Linux Distributions
CVE-2026-31431 (Copy Fail) enables unprivileged users to achieve root access across all major Linux distributions via a 732-byte exploit script targeting kernel page cache corruption present since 2017.
Thursday, April 30, 2026 12:00 PM UTC2 MIN READSOURCE: LobstersBY sys://pipeline
Tags
safety
/// RELATED
Safety4d ago
Severe Linux Copy Fail security flaw uncovered using AI scanning help
AI-powered security scanning uncovered Copy Fail, a critical privilege escalation flaw affecting all Linux distributions since 2017 through kernel page-cache corruption in the crypto subsystem.
Safety5d ago
Linux cryptographic code flaw offers fast route to root
CVE-2026-31431 ('Copy Fail') exposes a critical Linux kernel cryptographic flaw exploitable with just 10 lines of code, affecting virtually all distributions since 2017 and enabling container escapes.