Copy Fail (CVE-2026-31431): Critical Linux Kernel LPE Vulnerability Affecting All Major Distributions
By Xint
If you only eat one bagel today, this is the bagel.
Summary
A critical Linux privilege escalation vulnerability (CVE-2026-31431) dubbed "Copy Fail" has been discovered by researcher Xint Code. The exploit leverages the kernel crypto API (AF_ALG) to achieve 100% reliable local privilege escalation from an unprivileged user account to root. It requires no race conditions, no per-distro offsets, uses page-cache writes that bypass on-disk file-integrity tools, and can cross container boundaries. The vulnerability affects all mainstream Linux distributions with kernels built between 2017 and the patch date, as the AF_ALG crypto API ships enabled by default in essentially every major distro.
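The summary's precondition is that AF_ALG is present and usable by an ordinary account, so an exposure inventory can start there. The following is an added example, not code from the original article or the researcher: it reads a kernel config for the AF_ALG (userspace crypto API) Kconfig symbols and probes whether the current process can open an AF_ALG socket. It does not test for CVE-2026-31431 or report patch status, and `SAMPLE_CONFIG` is constructed input.

```python
import re
import socket

# Kconfig symbols for the kernel's userspace crypto interface (AF_ALG).
AF_ALG_OPTIONS = (
    "CONFIG_CRYPTO_USER_API",
    "CONFIG_CRYPTO_USER_API_HASH",
    "CONFIG_CRYPTO_USER_API_SKCIPHER",
    "CONFIG_CRYPTO_USER_API_RNG",
    "CONFIG_CRYPTO_USER_API_AEAD",
)

def af_alg_build_state(config_text):
    """Map each AF_ALG Kconfig symbol to 'builtin', 'module' or 'off'."""
    state = {name: "off" for name in AF_ALG_OPTIONS}
    for line in config_text.splitlines():
        m = re.fullmatch(r"(CONFIG_[A-Z0-9_]+)=([ym])", line.strip())
        if m and m.group(1) in state:
            # 'module' still counts as exposed: the kernel autoloads the
            # socket family on first use unless module loading is blocked.
            state[m.group(1)] = "builtin" if m.group(2) == "y" else "module"
    return state

def af_alg_reachable():
    """True if this process can open an AF_ALG socket right now."""
    family = getattr(socket, "AF_ALG", None)  # absent on non-Linux builds
    if family is None:
        return False
    try:
        socket.socket(family, socket.SOCK_SEQPACKET, 0).close()
        return True
    except OSError:
        return False  # not built, module blocked, or denied by seccomp/LSM

# Constructed sample, in the format of /boot/config-$(uname -r).
SAMPLE_CONFIG = """\
CONFIG_CRYPTO_USER_API=y
CONFIG_CRYPTO_USER_API_HASH=y
CONFIG_CRYPTO_USER_API_SKCIPHER=y
# CONFIG_CRYPTO_USER_API_RNG is not set
CONFIG_CRYPTO_USER_API_AEAD=m
"""

if __name__ == "__main__":
    for name, value in af_alg_build_state(SAMPLE_CONFIG).items():
        print(f"{name}: {value}")
    print("AF_ALG reachable from this process:", af_alg_reachable())
```

Run the probe as the unprivileged or in-container identity you care about; the config parse shows what the kernel was built with, while the probe shows what that identity can actually reach.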
Key quotes
Same script, four distributions, four root shells — in one take.
Copy Fail requires only an unprivileged local user account — no network access, no kernel debugging features, no pre-installed primitives.
The kernel crypto API (AF_ALG) ships enabled in essentially every mainstream distro's default configuration.
