BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

Linux “Copy Fail” Bug Lets Local Users Gain Root

  • A critical Linux flaw allows an unprivileged local user to write to a file’s cache and escalate to root privileges.
  • The vulnerability, tracked as CVE-2026-31431, affects nearly all Linux distributions released since 2017.
  • Exploitation is reliable, works across containers, and can be triggered with a small 732-byte Python script.

Cybersecurity researchers from Xint.io and Theori disclosed a high-severity Linux kernel vulnerability on April 30, 2026, which a simple Python exploit can weaponize for full system control. Dubbed Copy Fail, this local privilege escalation flaw is tracked as CVE-2026-31431 with a CVSS score of 7.8.
The issue stems from a logic flaw introduced in a 2017 commit to the kernel’s algif_aead cryptographic module. Consequently, an unprivileged user can write four controlled bytes into the page cache of any readable file. This primitive enables the corruption of a setuid binary like “/usr/bin/su” to gain root access.
Successful exploitation uses a small Python script to trigger the write and execute shellcode. Meanwhile, the vulnerability’s impact is broad, affecting Amazon Linux, RHEL, SUSE, and Ubuntu distributions. The page cache is shared, so the flaw also has cross-container implications.
Researchers compare Copy Fail to the earlier Dirty Pipe vulnerability, noting a similar page cache manipulation goal. However, Copy Fail presents a unique and dangerous combination of traits. According to David Brumley of Bugcrowd, the flaw allows a writable page cache page in an AEAD operation’s scatterlist.
“This vulnerability is unique because it has four properties that almost never appear together: it’s portable, tiny, stealthy, and cross-container,” a Xint.io spokesperson stated. The flaw is reliably triggered without race conditions, making it a significant threat. Linux distributions have therefore released their own advisories in response to the disclosure.

- Advertisement -

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

Michael Saylor’s credit pivot as BTC-focused firm tanks

Michael Saylor's public messaging pivoted from disparaging credit to praising it in June 2025.His...

RustDuck malware builds DDoS botnet, evolves in Rust

A new botnet called RustDuck is hijacking home routers and servers to launch DDoS...

Major Firms Back OUSD as Clarity Act Advances

A consortium including VISA, Mastercard, BlackRock, and Coinbase is backing a new stablecoin, Open...

Coinmetro Files for Reorganization After Partner Failure

Estonian exchange Coinmetro has filed for reorganization with a local court, citing a failure...

Bypass Lets AI Agents Run Dangerous Shell Commands

A decades-old shell scripting trick, named GuardFall, can bypass the safety checks of most...

Must Read

What Is Bcrypt Password Hashing Function?

KEY TAKEAWAYSBcrypt is a password hashing function that transforms plain passwords into unique alphanumeric sequences.It is a one-way process, ensuring that passwords cannot be...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading