{"id":763,"date":"2026-04-30T09:58:40","date_gmt":"2026-04-30T09:58:40","guid":{"rendered":"https:\/\/thedigitalfortress.us\/?p=763"},"modified":"2026-04-30T09:58:40","modified_gmt":"2026-04-30T09:58:40","slug":"new-linux-copy-fail-vulnerability-enables-root-access-on-major-distributions","status":"publish","type":"post","link":"https:\/\/thedigitalfortress.us\/?p=763","title":{"rendered":"New Linux ‘Copy Fail’ Vulnerability Enables Root Access on Major Distributions"},"content":{"rendered":"
\n

\ue804<\/i>Ravie Lakshmanan<\/span>\ue802<\/i>Apr 30, 2026<\/span><\/span>Linux \/ Vulnerability<\/span><\/p>\n<\/div>\n

\n
<\/a><\/div>\n

Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that could allow an unprivileged local user to obtain root.<\/p>\n

The high-severity vulnerability tracked as CVE-2026-31431<\/a><\/strong> (CVSS score: 7.8) has been codenamed Copy Fail<\/a><\/strong> by Xint.io and Theori.<\/p>\n

\u00abAn unprivileged local user can write four controlled bytes into the page cache of any readable file on a Linux system, and use that to gain root,\u00bb the vulnerability research team at Xint.io and Theori said<\/a>.<\/p>\n

At its core, the vulnerability stems from a logic flaw in the Linux kernel’s cryptographic subsystem, specifically within the algif_aead module. The issue was introduced in a source code commit<\/a> made in August 2017.<\/p>\n

\n
\"Cybersecurity\"<\/a><\/div>\n<\/div>\n

Successful exploitation of the shortcoming could allow a simple 732-byte Python script to edit a setuid binary and obtain root on essentially all Linux distributions shipped since 2017, including Amazon Linux, RHEL, SUSE, and Ubuntu. The Python exploit involves four steps –<\/p>\n