All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Copy Fail exploit (CVE-2026-31431) allows unprivileged users to gain root shell in Linux containers

By

Gabriel Garrido

23d ago· 18 min readenNews
Bagel score 98 of 100
98/100
Golden Brown
Bagelometer

Sesame, salt, and substance. A flagship bake.

Score98TypenewsSentimentnegative

Summary

A security vulnerability (CVE-2026-31431) called "Copy Fail" was publicly disclosed on April 29th, 2026. The exploit allows a local unprivileged user to obtain a root shell by running a Python script. It affects Linux containers used for public-facing services, development environments, and CI jobs. The author notes they moved from Docker to Podman about a year ago, and this CVE is particularly interesting in that context.

Key quotes

· 3 pulled
This vulnerability allows a local unprivileged user to obtain a root shell by running the Python script shared by the author.
A container exploited with Copy Fail can used quite effectively for many kinds of attacks.
This CVE is quite interesting to me as it's been about a year since I moved away from Docker to Podman
Snippet from the RSS feed
Contents

You might also wanna read

CIFSwitch Linux Vulnerability Allows Unprivileged Users to Gain Root Access via CIFS Flaw

A new Linux local-root privilege escalation vulnerability named CIFSwitch has been disclosed by researcher Asim Manizada. The flaw combines

almalinux.org·2d ago